URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Submission: On February 22 via manual from CA — Scanned from CA

Summary

This website contacted 78 IPs in 8 countries across 80 domains to perform 255 HTTP transactions. The main IP is 2607:f8b0:4006:81c::2013, located in Nutley, United States and belongs to GOOGLE, US. The main domain is en.weakstreams.live.
TLS certificate: Issued by GTS CA 1D4 on January 8th 2023. Valid for: 3 months.
This is the only time en.weakstreams.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:141b:900... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f07... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:50c0:800... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 192.0.78.26 2635 (AUTOMATTIC)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1400:900... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 139.45.197.234 9002 (RETN-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
13 2a04:4e42::485 54113 (FASTLY)
6 2607:f8b0:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
9 95.163.217.75 47764 (VK-AS)
16 87.240.132.78 47541 (VKONTAKTE...)
10 2606:4700:e0:... 13335 (CLOUDFLAR...)
4 104.21.26.234 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
4 2607:f8b0:400... 15169 (GOOGLE)
1 149.56.240.129 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
19 95.142.206.1 60476 (MYCOM-AS)
3 13.224.214.57 16509 (AMAZON-02)
3 13.58.43.146 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1148:db0... 47764 (VK-AS)
3 108.138.128.124 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
3 3 141.94.171.213 16276 (OVH)
4 4 50.16.197.56 14618 (AMAZON-AES)
4 8 173.223.57.84 16625 (AKAMAI-AS)
8 8 3.33.220.150 16509 (AMAZON-02)
4 104.106.226.133 16625 (AKAMAI-AS)
1 13.225.223.33 16509 (AMAZON-02)
9 95.163.52.67 47764 (VK-AS)
1 195.211.21.6 47764 (VK-AS)
4 13.58.67.229 16509 (AMAZON-02)
2 6 3.234.8.37 14618 (AMAZON-AES)
1 3 34.111.234.236 396982 (GOOGLE-CL...)
2 2 35.190.60.146 15169 (GOOGLE)
1 104.127.185.52 16625 (AKAMAI-AS)
1 18.161.21.123 16509 (AMAZON-02)
3 5 142.250.81.226 15169 (GOOGLE)
1 2 23.92.190.74 10913 (INTERNAP-BLK)
1 217.20.156.158 47764 (VK-AS)
6 2607:f8b0:400... 15169 (GOOGLE)
1 95.163.217.74 47764 (VK-AS)
1 18.238.4.33 16509 (AMAZON-02)
4 4 34.238.58.80 14618 (AMAZON-AES)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.236.220.17 396982 (GOOGLE-CL...)
2 63.251.86.51 32475 (SINGLEHOP...)
2 17 35.169.226.14 14618 (AMAZON-AES)
5 6 34.111.113.62 396982 (GOOGLE-CL...)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 2 2606:4700:1::... 13335 (CLOUDFLAR...)
1 2 209.54.182.161 16509 (AMAZON-02)
2 2 185.167.164.49 198622 (ADFORM)
2 2 8.28.7.81 62713 (AS-PUBMATIC)
1 1 104.16.111.154 13335 (CLOUDFLAR...)
2 2 52.22.162.46 14618 (AMAZON-AES)
1 40.71.11.141 8075 (MICROSOFT...)
1 54.166.121.69 14618 (AMAZON-AES)
1 1 69.169.85.6 29838 (AMC)
1 69.169.85.7 29838 (AMC)
1 1 52.20.134.127 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 1 52.45.33.138 14618 (AMAZON-AES)
1 1 216.200.232.249 30419 (MEDIAMATH...)
2 2 207.198.113.89 13768 (COGECO-PEER1)
2 2 151.101.66.49 54113 (FASTLY)
1 18.238.4.10 16509 (AMAZON-02)
2 2 68.67.160.75 29990 (ASN-APPNEX)
4 45.154.206.33 48357 (K4X)
3 217.20.147.23 47764 (VK-AS)
255 78
Apex Domain
Subdomains
Transfer
35 vk.com
vk.com — Cisco Umbrella Rank: 6100
st6-21.vk.com — Cisco Umbrella Rank: 122157
2 MB
20 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1202
bcp.crwdcntrl.net — Cisco Umbrella Rank: 889
sync.crwdcntrl.net — Cisco Umbrella Rank: 751
28 KB
13 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
714 KB
11 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 12014
t.sharethis.com — Cisco Umbrella Rank: 6470
sync.sharethis.com — Cisco Umbrella Rank: 2901
17 KB
10 mail.ru
rs.mail.ru — Cisco Umbrella Rank: 16402
top-fwz1.mail.ru — Cisco Umbrella Rank: 10359
36 KB
10 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 34817
8 KB
10 befirstcdn.com
befirstcdn.com
285 KB
10 techclips.net
techclips.net — Cisco Umbrella Rank: 933576
54 KB
9 vkplay.live
vkplay.live — Cisco Umbrella Rank: 722227
static.vkplay.live
api.vkplay.live
1 MB
9 gamerarcades.com
gamerarcades.com
55 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
4 KB
8 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 553
stags.bluekai.com — Cisco Umbrella Rank: 489
3 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
91 KB
8 href.li
href.li — Cisco Umbrella Rank: 94642
969 B
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 426
2 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 575
i6.liadm.com — Cisco Umbrella Rank: 2182
3 KB
6 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 993
4 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
326 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
6 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3923
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4837
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14482
14 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
ssl.google-analytics.com — Cisco Umbrella Rank: 362
96 KB
4 cdnexpress11.net
q6wfjsqg9yt6w93r.cdnexpress11.net
14 MB
4 mycdn.me
i.mycdn.me — Cisco Umbrella Rank: 15090
api.mycdn.me — Cisco Umbrella Rank: 29927
16 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 591
ce.lijit.com — Cisco Umbrella Rank: 883
3 KB
4 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 25431
loadus.exelator.com — Cisco Umbrella Rank: 1318
3 KB
4 trustexploration.com
g8400m3ybg8x3x.trustexploration.com
42 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 15992
widgets.amung.us — Cisco Umbrella Rank: 14700
4 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1710
611 B
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2200
1 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 19053
t.dtscout.com — Cisco Umbrella Rank: 14601
5 KB
3 swarm.video
swarm.video — Cisco Umbrella Rank: 448407
134 KB
3 blogger.com
draft.blogger.com — Cisco Umbrella Rank: 76709
www.blogger.com — Cisco Umbrella Rank: 9076
57 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 385
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 586
638 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 595
966 B
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 860
ups.analytics.yahoo.com — Cisco Umbrella Rank: 273
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 199
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 731
550 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
941 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 274
2 KB
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1277
721 B
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1195
856 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 359
858 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 340
830 B
2 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 22288
1 KB
2 awstats.cloud
awstats.cloud — Cisco Umbrella Rank: 568514
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 19286
s4.histats.com — Cisco Umbrella Rank: 15978
5 KB
2 weakstream.org
weakstream.org
3 KB
2 sportsembed.su
sportsembed.su
3 KB
2 bedrapiona.com
bedrapiona.com — Cisco Umbrella Rank: 47805
925 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
88 KB
2 typekit.net
p.typekit.net — Cisco Umbrella Rank: 577
use.typekit.net — Cisco Umbrella Rank: 440
18 KB
2 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 5270
198 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 482
722 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 460
661 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 645
614 B
1 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 2632
991 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1801
512 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 581
337 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 12828
543 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2186
549 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 726
605 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1742
1 boosty.to
images.boosty.to — Cisco Umbrella Rank: 531889
77 KB
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 4226
16 KB
1 vkplay.ru
1l-hit.vkplay.ru — Cisco Umbrella Rank: 388564
988 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 16411
602 B
1 vyazd.com
vyazd.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
805 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 929
6 KB
1 yalla-shoot.io
stad.yalla-shoot.io — Cisco Umbrella Rank: 681454
4 KB
1 alkoora.live
online.alkoora.live — Cisco Umbrella Rank: 621074 Failed
11 KB
1 yalla-shoot.video
cup.yalla-shoot.video Failed
10 KB
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 17147
540 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
28 KB
1 github.io
ljii.github.io — Cisco Umbrella Rank: 507461
2 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 13838
2 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
49 KB
1 inklinkor.com
inklinkor.com — Cisco Umbrella Rank: 83222
25 KB
1 weakstreams.live
en.weakstreams.live
32 KB
255 80
Domain Requested by
19 st6-21.vk.com vk.com
16 vk.com stad.yalla-shoot.io
vk.com
st6-21.vk.com
13 sync.crwdcntrl.net bcp.crwdcntrl.net
13 cdn.jsdelivr.net weakstream.org
gamerarcades.com
techclips.net
g8400m3ybg8x3x.trustexploration.com
10 youradexchange.com befirstcdn.com
10 befirstcdn.com weakstream.org
sportsembed.su
befirstcdn.com
gamerarcades.com
techclips.net
g8400m3ybg8x3x.trustexploration.com
10 techclips.net href.li
techclips.net
en.weakstreams.live
static.cloudflareinsights.com
9 top-fwz1.mail.ru vkplay.live
vk.com
online.alkoora.live
9 gamerarcades.com href.li
gamerarcades.com
en.weakstreams.live
8 match.adsrvr.org 8 redirects
8 href.li en.weakstreams.live
cdnjs.cloudflare.com
7 tags.bluekai.com 3 redirects sportsembed.su
tags.bkrtx.com
en.weakstreams.live
bcp.crwdcntrl.net
6 pixel.tapad.com 5 redirects en.weakstreams.live
6 www.gstatic.com static.vkplay.live
www.gstatic.com
vk.com
6 ps.eyeota.net 2 redirects data-beacons.s-onetag.com
en.weakstreams.live
6 static.vkplay.live vkplay.live
static.vkplay.live
6 www.googletagmanager.com weakstream.org
gamerarcades.com
techclips.net
www.googletagmanager.com
vkplay.live
5 cm.g.doubleclick.net 3 redirects bcp.crwdcntrl.net
4 q6wfjsqg9yt6w93r.cdnexpress11.net swarm.video
4 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
4 i.liadm.com 4 redirects
4 sync.sharethis.com sportsembed.su
4 t.sharethis.com pd.sharethis.com
t.sharethis.com
4 www.google-analytics.com www.googletagmanager.com
4 g8400m3ybg8x3x.trustexploration.com sportsembed.su
g8400m3ybg8x3x.trustexploration.com
3 api.mycdn.me vk.com
static.vkplay.live
3 ml314.com 1 redirects sportsembed.su
bcp.crwdcntrl.net
3 pixel.onaudience.com 3 redirects
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 pd.sharethis.com e.dtscout.com
sportsembed.su
t.sharethis.com
3 get.s-onetag.com e.dtscout.com
get.s-onetag.com
3 swarm.video g8400m3ybg8x3x.trustexploration.com
swarm.video
2 api.vkplay.live static.vkplay.live
2 secure.adnxs.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 dpm.demdex.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 s.amazon-adsystem.com 1 redirects bcp.crwdcntrl.net
2 cm.mgid.com 1 redirects bcp.crwdcntrl.net
2 d.turn.com 2 redirects
2 ce.lijit.com en.weakstreams.live
2 px.ads.linkedin.com 1 redirects en.weakstreams.live
2 i6.liadm.com en.weakstreams.live
2 ap.lijit.com 1 redirects sportsembed.su
2 idsync.rlcdn.com 2 redirects
2 loadus.exelator.com 2 redirects
2 loada.exelator.com 2 redirects
2 a.dtssrv.com e.dtscout.com
2 t.dtscout.com e.dtscout.com
2 awstats.cloud g8400m3ybg8x3x.trustexploration.com
awstats.cloud
2 widgets.amung.us sportsembed.su
g8400m3ybg8x3x.trustexploration.com
2 whos.amung.us 2 redirects
2 weakstream.org href.li
cdn.jsdelivr.net
2 sportsembed.su href.li
sportsembed.su
2 bedrapiona.com inklinkor.com
2 fonts.gstatic.com en.weakstreams.live
fonts.googleapis.com
2 connect.facebook.net en.weakstreams.live
connect.facebook.net
2 draft.blogger.com en.weakstreams.live
2 pro.fontawesome.com en.weakstreams.live
pro.fontawesome.com
1 aa.agkn.com bcp.crwdcntrl.net
1 sync.mathtag.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 dmp.truoptik.com 1 redirects
1 um.simpli.fi 1 redirects
1 api.intentiq.com data-beacons.s-onetag.com
1 images.boosty.to vkplay.live
1 i.mycdn.me vk.com
1 stags.bluekai.com 1 redirects
1 data-beacons.s-onetag.com get.s-onetag.com
1 tags.bkrtx.com pd.sharethis.com
1 1l-hit.vkplay.ru vkplay.live
1 onetag-geo.s-onetag.com get.s-onetag.com
1 t.dtscdn.com e.dtscout.com
1 rs.mail.ru vkplay.live
1 vyazd.com g8400m3ybg8x3x.trustexploration.com
1 e.dtscout.com s4.histats.com
1 fonts.googleapis.com g8400m3ybg8x3x.trustexploration.com
1 ssl.google-analytics.com en.weakstreams.live
1 s4.histats.com s10.histats.com
1 s10.histats.com sportsembed.su
1 vkplay.live online.alkoora.live
1 static.cloudflareinsights.com techclips.net
1 stad.yalla-shoot.io cup.yalla-shoot.video
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 online.alkoora.live en.weakstreams.live
cdnjs.cloudflare.com
1 cup.yalla-shoot.video en.weakstreams.live
cdnjs.cloudflare.com
1 use.typekit.net en.weakstreams.live
1 ipapi.co ljii.github.io
1 www.blogger.com en.weakstreams.live
1 cdnjs.cloudflare.com en.weakstreams.live
1 ljii.github.io en.weakstreams.live
1 blogger.googleusercontent.com en.weakstreams.live
1 pagead2.googlesyndication.com en.weakstreams.live
1 p.typekit.net client
1 inklinkor.com en.weakstreams.live
1 en.weakstreams.live
255 104

This site contains links to these domains. Also see Links.

Domain
www.mrjaz.com
sohanisharma.com
quikfinance.blogspot.com
Subject Issuer Validity Valid
en.weakstreams.live
GTS CA 1D4
2023-01-08 -
2023-04-08
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-12-23
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-01 -
2023-03-31
a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.blogger.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-12-02 -
2023-03-02
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-07 -
2023-04-07
a year crt.sh
tls.automattic.com
R3
2022-12-27 -
2023-03-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
online.alkoora.live
GTS CA 1P5
2023-02-21 -
2023-05-22
3 months crt.sh
bedrapiona.com
R3
2022-12-13 -
2023-03-13
3 months crt.sh
*.sportsembed.su
GTS CA 1P5
2023-02-11 -
2023-05-12
3 months crt.sh
*.weakstream.org
GTS CA 1P5
2023-02-14 -
2023-05-15
3 months crt.sh
*.techclips.net
GTS CA 1P5
2023-02-05 -
2023-05-06
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
vkplay.live
R3
2023-02-11 -
2023-05-12
3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-03-18 -
2023-04-03
a year crt.sh
*.trustexploration.com
GTS CA 1P5
2023-02-17 -
2023-05-18
3 months crt.sh
histats.com
R3
2022-12-21 -
2023-03-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.dtscout.com
GTS CA 1P5
2023-01-29 -
2023-04-29
3 months crt.sh
*.s-onetag.com
Amazon
2022-12-04 -
2024-01-02
a year crt.sh
sharethis.com
Amazon RSA 2048 M01
2023-02-09 -
2023-07-20
5 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018
2022-10-18 -
2023-11-19
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.dtscdn.com
GTS CA 1P5
2023-01-24 -
2023-04-24
3 months crt.sh
cert1.a1.atm.aqfer.net
R3
2023-02-22 -
2023-05-23
3 months crt.sh
vkplay.ru
GlobalSign RSA OV SSL CA 2018
2022-05-27 -
2023-06-28
a year crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-18 -
2024-01-17
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.mycdn.me
GlobalSign RSA OV SSL CA 2018
2022-08-08 -
2023-09-09
a year crt.sh
boosty.to
R3
2023-02-10 -
2023-05-11
3 months crt.sh
*.intentiq.com
Amazon
2022-03-20 -
2023-04-17
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
c.cintnetworks.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2022-11-04 -
2023-05-04
6 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-10-19
a year crt.sh
ml314.com
GTS CA 1D4
2023-02-09 -
2023-05-10
3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
q6wfjsqg9yt6w93r.cdnexpress11.net
R3
2023-01-05 -
2023-04-05
3 months crt.sh

This page contains 29 frames:

Primary Page: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Frame ID: F75D70C1096305222D04A44CF3691CF5
Requests: 19 HTTP requests in this frame

Frame: https://href.li/?https://gamerarcades.com/assets/ts1.html
Frame ID: ADEFCA7FA5E6E45E9D3A971C8CCACBEA
Requests: 1 HTTP requests in this frame

Frame: https://href.li/?https://sportsembed.su/channels/hd/hd3.php
Frame ID: B707B33CF13541FF78B1FACE33CF441C
Requests: 1 HTTP requests in this frame

Frame: https://href.li/?https://weakstream.org/streams/10865866
Frame ID: A49276BB8633A927B22EF4716B087EAA
Requests: 1 HTTP requests in this frame

Frame: https://href.li/?https://techclips.net/clip/s1.html
Frame ID: E212DBE9D321974AD0431574928B2D9B
Requests: 1 HTTP requests in this frame

Frame: https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Frame ID: 67269FC07DC7343D1B87E6ECFA6AA3CC
Requests: 1 HTTP requests in this frame

Frame: https://online.alkoora.live/albaplayer/on-time-sport-1/
Frame ID: 2A1D3E99537886DCB6E9AA53B3B5B033
Requests: 1 HTTP requests in this frame

Frame: https://gamerarcades.com/assets/ts1.html
Frame ID: F2D8B43DECF99E26E82F7B1CA7B96D72
Requests: 16 HTTP requests in this frame

Frame: https://sportsembed.su/channels/hd/hd3.php
Frame ID: 290DF25571DB0D4A83EAF43C0E7FA670
Requests: 37 HTTP requests in this frame

Frame: https://weakstream.org/streams/10865866
Frame ID: D3F290BE981D441FFE5EE67F431AFCD5
Requests: 13 HTTP requests in this frame

Frame: https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Frame ID: 954304BD56E9C5569C6E5CDEC5818BEA
Requests: 1 HTTP requests in this frame

Frame: https://online.alkoora.live/albaplayer/on-time-sport-1/
Frame ID: 2F6247D11A2694361F62D98CBB5D7051
Requests: 1 HTTP requests in this frame

Frame: https://techclips.net/clip/s1.html
Frame ID: DB8DFD7557933A55C5167477A51591A8
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230221/r20190131/zrt_lookup.html
Frame ID: DCF18B3B2DC30CB463A268328356EB30
Requests: 1 HTTP requests in this frame

Frame: https://stad.yalla-shoot.io/sa/c1.php
Frame ID: D7AC5DE5018F69A46C279B9FA1EA8A05
Requests: 1 HTTP requests in this frame

Frame: https://vkplay.live/app/embed/koravip
Frame ID: 1FDE506A5CA2591BA542B4F711DEA2A1
Requests: 33 HTTP requests in this frame

Frame: https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677096000
Frame ID: FA0B260A0B8CF737DA9934BA31AE2CF2
Requests: 6 HTTP requests in this frame

Frame: https://techclips.net/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79daf65498e6c477
Frame ID: E168DCDAF5A271E83FF6C6851DD35060
Requests: 6 HTTP requests in this frame

Frame: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Frame ID: 7039611A0D3ABCE6C82B807A3C0BB1A8
Requests: 50 HTTP requests in this frame

Frame: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Frame ID: 2C51D8FC513689131172AA6FC523B31E
Requests: 22 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001677102888C1C47FE9D28DAA8BE3
Frame ID: 5CBA7C637E8A1F8D07FE573AA90F9DBD
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
Frame ID: 675500282AA83E460E629EDD9E841852
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1120.23353/a/CA/t_.js?cid=c010&cls=C
Frame ID: 4E535F647D4F4F8BC5C9C57F3147E848
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: A1E09D28FBB75976DEE36488CF31D7DE
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEAb0Htw9mmbB0R5Qafbq_zI&google_cver=1
Frame ID: 696156899290309A716A452A3322FE4C
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=86234
Frame ID: F33100F59DE8B33B5EC396341203A9E8
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 9EEA3C1547F7566FF3BD54C7038BB078
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 56578A2CDB54CFE18B03A48220F4C805
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Frame ID: 0C0927192B73CA2D7B0EB55E63C9CF47
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

Leipzig vs Manchester City WeakStreams

Detected technologies

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

255
Requests

85 %
HTTPS

44 %
IPv6

80
Domains

104
Subdomains

78
IPs

8
Countries

19954 kB
Transfer

33682 kB
Size

81
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=51400&c=000000ffffff&p=left
Request Chain 84
  • https://whos.amung.us/cwidget/bkw7sodkdx/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=119500&c=000000ffffff&p=left
Request Chain 146
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001677102888C1C47FE9D28DAA8BE3 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e15fd23142b7d9a0fb64ddc0c0e1827c&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=5c0ea31a97299608 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
Request Chain 159
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
Request Chain 160
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=1295b76c04aff354504933301651725f
Request Chain 161
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2eNDdWpmbHTs4owzvffc9WUpSwCCdkn7ZtRJKQ7PXwUo&gdpr=0&gdpr_consent=
Request Chain 162
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQABmP2jykAAAAIS%2BKSAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3633793719547723782 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMzc5MzcxOTU0NzcyMzc4MhAAGg0Iqp7anwYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=ef382c47d29094eef7dad2712efb05098a4155580eac6a088f042d0d038022e9f4cb09cee1a4f8eb&person_id=3633793719547723782&eid=50082
Request Chain 163
  • https://tags.bluekai.com/site/59574?id=ZGQABmP2jykAAAAIS%2BKSAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 166
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGQABmP2jykAAAAIS%2BKSAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1120.23353%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1120.23353%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=56497015 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=QnBXdllDd005OVl3Q3dqTQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=QnBXdllDd005OVl3Q3dqTQ%3D%3D&google_tc= HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEAb0Htw9mmbB0R5Qafbq_zI&google_cver=1
Request Chain 168
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 193
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=32229 HTTP 303
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=32229&_li_chk=true&previous_uuid=294a3c0296684394a1f8cd93e492ca77 HTTP 303
  • https://i6.liadm.com/s/59074?bidder_id=204553&rnd=32229&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
Request Chain 194
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GM4icSZHesOXP8QTTMWSmCyw&rand=66695&pu= HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GM4icSZHesOXP8QTTMWSmCyw&rand=66695&pu=&expected_cookie=f5449e41-3c42-4dfb-a982-a2f9a9a28f6b
Request Chain 195
  • https://um.simpli.fi/lj_match?r=95304 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=DFEED44931E741108CE6B124866ABAEA
Request Chain 196
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=23055 HTTP 303
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=23055&_li_chk=true&previous_uuid=85304defa90747059eef930fb4dcf57c HTTP 303
  • https://i6.liadm.com/s/57333?bidder_id=204553&rnd=23055&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
Request Chain 203
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GM4icSZHesOXP8QTTMWSmCyw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GM4icSZHesOXP8QTTMWSmCyw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=198f51531bafa2ad3942e808c9801242
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjFOd0FNYWU2eUYxYkprX2hiMUstME1sdmw5TVg0Y1hnQmNHSzgxd014Zmc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEEXxLT6w3tUFsyzL1Cp8ID4&google_cver=1
Request Chain 208
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=a34459af-6a46-4292-a73a-6c6946667136&bid=1e2n4ou
Request Chain 209
  • https://tags.bluekai.com/site/29535?limit=1&id=2LWqBfDehMquF8nOOGv_QXaMhrDqhemn2rNb5qveWjoQ HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
Request Chain 210
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2iMmjKbKwxOXZPEibuZ1m49H2S3EB63T9s4IUDm8paJ4 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3081&partner_device_id=2iMmjKbKwxOXZPEibuZ1m49H2S3EB63T9s4IUDm8paJ4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0bd8987a-7773-490b-bb6d-b979e00ed1d3%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a34459af-6a46-4292-a73a-6c6946667136&ttd_puid=0bd8987a-7773-490b-bb6d-b979e00ed1d3%2C%2C
Request Chain 211
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7817812823529289462&newuser=1&referrer_pid=51md42u
Request Chain 213
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=198f51531bafa2ad3942e808c9801242 HTTP 307
  • https://cm.mgid.com/m?c=198f51531bafa2ad3942e808c9801242&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Request Chain 214
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=198f51531bafa2ad3942e808c9801242 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=198f51531bafa2ad3942e808c9801242&dcc=t
Request Chain 215
  • https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9026057046332725502/gdpr=/gdpr_consent=
Request Chain 216
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E3766EEF-2177-4960-9998-5CA08AF4D09B&gdpr=0
Request Chain 217
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a34459af-6a46-4292-a73a-6c6946667136/gdpr=0/gdpr_consent=
Request Chain 218
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=198f51531bafa2ad3942e808c9801242&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=198f51531bafa2ad3942e808c9801242&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2629024e-16d1-4ae6-af57-2017f5cd6720%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D2629024e-16d1-4ae6-af57-2017f5cd6720%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a34459af-6a46-4292-a73a-6c6946667136&ttd_puid=2629024e-16d1-4ae6-af57-2017f5cd6720%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D2629024e-16d1-4ae6-af57-2017f5cd6720%2C HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2629024e-16d1-4ae6-af57-2017f5cd6720
Request Chain 219
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=756a36c64ed0583cce0fef210b6fa841
Request Chain 220
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=198f51531bafa2ad3942e808c9801242&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=198f51531bafa2ad3942e808c9801242&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91379275860337797313989423024488539310/gdpr=0
Request Chain 223
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=198f51531bafa2ad3942e808c9801242 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=198f51531bafa2ad3942e808c9801242
Request Chain 225
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-682dba47-0962-41cb-77d8-baa651e6d379$ip$149.56.153.187&gdpr=0&gdpr_consent=
Request Chain 226
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-Hc1VzfxE2pwijYozFwUTF.Mu0A2SQyeERPk-~A&gdpr=0
Request Chain 227
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=287863f6-8f2c-4e00-bc15-d85beddae817&src=lot&gdpr=0
Request Chain 228
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3990cc86-23a1-40e9-a109-e49dda5664fd-63f68f2c-4341/gdpr=0
Request Chain 229
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=Y-aPLAAJIGbG1wAF HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y-aPLAAJIGbG1wAF/gdpr=0&_test=Y-aPLAAJIGbG1wAF
Request Chain 234
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/198f51531bafa2ad3942e808c9801242/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7889870417567217398/gdpr=0
Request Chain 235
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=837892127 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D837892127 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8922027604203508338/gdpr=0/rand=837892127

255 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request leipzig-vs-manchester-city-weakstreams.html
en.weakstreams.live/p/
156 KB
32 KB
Document
General
Full URL
https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fba7b5fcce2ce08e96a9b7eaf914088c9061cd8e7a5b63c5898b2f7baf44424a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
32781
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:46 GMT
etag
W/"935ec356165f114ff6125023af01c0a1b8f8e4d4caee5a2346792c617293b595"
expires
Wed, 22 Feb 2023 21:54:46 GMT
last-modified
Wed, 22 Feb 2023 19:58:25 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all.css
pro.fontawesome.com/releases/v5.15.3/css/
170 KB
32 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 17:21:37 GMT
server
cloudflare
x-amz-request-id
HVX51996BWHXA93M
age
2470517
etag
W/"a28e912c1a41becec7f68848d739d5c0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556926
cf-ray
79daf651ebb3ece6-YUL
x-amz-id-2
BbdkbcXGyz13gos5b0SegtMDNd4KrR1+sJ715GTyRIodcBgwbIL/cPyNcoYgHMx4T7qo16wJbgw=
tag.min.js
inklinkor.com/
73 KB
25 KB
Script
General
Full URL
https://inklinkor.com/tag.min.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7feb08bafb725fa2cfd32693c8b4c7c4fee2a0f6c498ced6cae00cd3a7c5cb91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trace-id
e8544eff7b1fece3f53ea63c0f7e3572
pragma
no-cache
last-modified
Wed, 22 Feb 2023 09:03:40 GMT
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAZDh2fJ%2Bz6c%2BfigxlMdYKWhzsxiH1UTX%2BRe8Zs%2F%2FeQx3x4sgT38UxMjocmbsBcv8XIGLOjpL%2FIDxQWk%2BV3lLK1qNl4kfMfGsS3LP6PI9U07txDKhcM8K1PNnxzlBiUVFAONwTV17JQufdmp"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
cf-ray
79daf6523c6f8cae-EWR
expires
Thu, 23 Feb 2023 21:09:54 GMT
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=byr0bra&ht=tk&f=6846.15528.15529.15530&a=4009364&app=typekit&e=css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b92 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
last-modified
Thu, 28 Jul 2022 21:30:08 GMT
server
nginx
etag
"62e2ffe0-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
399014768216219ec7f36080c20a1148be863d4368096122a29fbc941b34b98f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49323
x-xss-protection
0
server
cafe
etag
18194062254167006582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 21:54:46 GMT
authorization.css
draft.blogger.com/dyn-css/
1 B
769 B
Stylesheet
General
Full URL
https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=4835291454120482391&zx=41c6038d-a548-4b08-8fdb-280a08014830
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2009 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 22 Feb 2023 21:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Feb 2023 21:54:46 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07e:9:face:b00c:0:3 Somerville, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
303e9d20bd7aca89b2eb2e623e4f6803eb50f3e23a5fdc9deee9e7356ae28011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://en.weakstreams.live/
Origin
https://en.weakstreams.live
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 21:54:46 GMT
content-md5
e8Q37xBFmHUHiFGZe63r6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
I2RK4jOzXtBHAl1CbrfBINEaAH/WyOzIR5qh3LSFg66cpCz40keSVJthZXC18VSjYy7SPd88mGoAr3WD9RS81g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
ae04df006e6dab48cb0fda54e9018338
cross-origin-opener-policy
same-origin-allow-popups
etag
"3592c6d0bd5f2438ac349b7f8aaffb41"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 22 Feb 2023 21:58:02 GMT
AVvXsEhDmZKFeeu0r_Ig-Rh_er1ANkk1DoBqi_jLWlmJ1kN9ah0yd6M6IxFYpXJBEaIE98LVJUlo-9ApF0ovSmXWJucERN0wx83Z45NHWVNZQ_Q4ZEcmQxBPi6-QNsAFZbNBJnM7tX4I1OiJzII_bu1vq6GMkW6_8fmgne3j77mo6vZr0qLOD6Y-K7WfoxtD=s150
blogger.googleusercontent.com/img/a/
1 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhDmZKFeeu0r_Ig-Rh_er1ANkk1DoBqi_jLWlmJ1kN9ah0yd6M6IxFYpXJBEaIE98LVJUlo-9ApF0ovSmXWJucERN0wx83Z45NHWVNZQ_Q4ZEcmQxBPi6-QNsAFZbNBJnM7tX4I1OiJzII_bu1vq6GMkW6_8fmgne3j77mo6vZr0qLOD6Y-K7WfoxtD=s150
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
75fd7e2ef0f1cd8749bb014c3d7ca9ab9b93e0d510c734564fa22da7a48387f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v1c9"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____.png";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1247
x-xss-protection
0
expires
Thu, 23 Feb 2023 21:54:46 GMT
m.js
ljii.github.io/m/
3 KB
2 KB
Script
General
Full URL
https://ljii.github.io/m/m.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
28d5957f0c916e10fabdac948470f4f80db1f71c65bd78eecef21876a5f065db
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-fastly-request-id
713049d4dd8a102acb09e49c4b0da9292f649139
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Feb 2023 21:54:46 GMT
age
315
x-cache
HIT
x-cache-hits
2
x-proxy-cache
HIT
content-length
1133
x-served-by
cache-yul12820-YUL
last-modified
Fri, 17 Feb 2023 18:17:49 GMT
server
GitHub.com
x-github-request-id
F500:2FB6:198A2F:1FEC52:63EFC5A8
x-timer
S1677102887.730744,VS0,VE1
etag
W/"63efc4cd-a5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 17 Feb 2023 18:31:09 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1671284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W20ctsG76POwB5p%2B27rFUHyZwsxuLaWxUsoOxsbwvoQMmEEc3sNwJFWaoa%2BUQKuyflO%2BUqXHYFqu11WBBh7Zx8LyCyzTQjJnpeIc51JnnlWGoPW8vx1sSZqoS0lin62K5att3c6nQhLXwvIxMPy2hQfs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79daf6521dd37144-YUL
expires
Mon, 12 Feb 2024 21:54:46 GMT
970527945-widgets.js
www.blogger.com/static/v1/widgets/
153 KB
56 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/970527945-widgets.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2009 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b2f98c02576467b90635ffc738de20017b888617285910ee6a006c7d816b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56532
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 22:53:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 22 Feb 2024 21:10:08 GMT
sdk.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=64f165777d90253cf5a0a22d3b8fa50c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07e:9:face:b00c:0:3 Somerville, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df39dd4031693ae7f32f1e4d67d59433cef4e43fcfac0a2fd9a22aa9e1eb8eaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://en.weakstreams.live/
Origin
https://en.weakstreams.live
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 21:54:46 GMT
content-md5
Jhya6gb4OYY4lu585mRI8Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87019
x-fb-rlafr
0
x-fb-debug
66XrgdM1zZR7Mie4VNqMg91Yvv3Lw1O88+KmfljKwB4j5J+n+z1xfDze9T3opEyZo5kSK6gcwktF5uL2ICoAJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
3289086e84f020c411b048b4dbb80581
cross-origin-opener-policy
same-origin-allow-popups
etag
"52d28d30b1597ec75ca5298d972aac19"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 22 Feb 2024 21:28:32 GMT
country_name
ipapi.co/
6 B
540 B
Fetch
General
Full URL
https://ipapi.co/country_name
Requested by
Host: ljii.github.io
URL: https://ljii.github.io/m/m.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be55ef3f4c4e6c2d9c2afe2a33ac90ad0f50d4de7f9163999877e2a9ca5a54f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Host, Origin
allow
OPTIONS, POST, GET, OPTIONS, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://en.weakstreams.live
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvecRPR%2FHkJUz6AXIWAKoW4dmoSgIZjylqnh4%2BwnlFV5oT3PL7zLprviPg54XdAWlCJuJ4soGDzbQsvO8v%2BftCiLSRey1TID4u65M910OGmoqh8NKTPB2DJ%2F38S47nWt8DZQ7fQz"}],"group":"cf-nel","max_age":604800}
x-frame-options
DENY
cf-ray
79daf652ef973964-IAD
content-length
6
/
href.li/ Frame ADEF
0
0
Document
General
Full URL
https://href.li/?https://gamerarcades.com/assets/ts1.html
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
/
href.li/ Frame B707
0
0
Document
General
Full URL
https://href.li/?https://sportsembed.su/channels/hd/hd3.php
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
/
href.li/ Frame A492
0
0
Document
General
Full URL
https://href.li/?https://weakstream.org/streams/10865866
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
/
href.li/ Frame E212
0
0
Document
General
Full URL
https://href.li/?https://techclips.net/clip/s1.html
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
fa-regular-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/
165 KB
165 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-regular-400.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer
https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin
https://en.weakstreams.live
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
cf-cache-status
HIT
x-amz-request-id
565BM0HY6DRTNHN2
age
6867
content-length
168768
x-amz-id-2
FmI+I7cSQvmQ77mgDAix5Jl+ry+cnb03UZUz2tTFG/wAmOVB+WWhJ920GRGTwOhNR3Y0JYqyvG4=
last-modified
Mon, 28 Jun 2021 17:23:20 GMT
server
cloudflare
etag
"d8689b99dce7c881d3130f3c91cfefdf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
79daf652bfd87139-YUL
6xKjdSxYI9_3nPWNAGn5LA.woff2
fonts.gstatic.com/s/sen/v2/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWNAGn5LA.woff2
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.weakstreams.live/
Origin
https://en.weakstreams.live
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 20:58:43 GMT
x-content-type-options
nosniff
age
521763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10108
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:43:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 20:58:43 GMT
l
use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415

Request headers

Referer
https://en.weakstreams.live/
Origin
https://en.weakstreams.live
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
etag
"e2418760f00448874f89ae40256bf9d1d180c197"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18512
/
cup.yalla-shoot.video/albaplayer/bien-sports-1/ Frame 6726
0
0

/
online.alkoora.live/albaplayer/on-time-sport-1/ Frame 2A1D
0
0

/
href.li/ Frame F2D8
502 B
243 B
Document
General
Full URL
https://href.li/?https://gamerarcades.com/assets/ts1.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f82cfb4317fe3bca9e928d67098ca1b632b7f22d0f92c9a4a95df8ef29180133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
/
href.li/ Frame 290D
511 B
247 B
Document
General
Full URL
https://href.li/?https://sportsembed.su/channels/hd/hd3.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9b9ffafee7dc14114cbd1002c085a5696192601101afb79ff85a14035ef2a7bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
/
href.li/ Frame D3F2
498 B
243 B
Document
General
Full URL
https://href.li/?https://weakstream.org/streams/10865866
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1f3209e555b450773b9da8283feb43e5c4d115708f2d582c05705731ff3fb5ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
/
cup.yalla-shoot.video/albaplayer/bien-sports-1/ Frame 9543
24 KB
10 KB
Document
General
Full URL
https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047067042f122d0868ea460e409d317a5501baf6bbe3c9164a750f2d1332b7ff

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79daf6532ba318a1-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:47 GMT
link
<https://cup.yalla-shoot.video/wp-json/>; rel="https://api.w.org/" <https://cup.yalla-shoot.video/?p=5746>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QS27jQZ%2BuTApBWPy%2Fye9oFo9o3nUx7sQBd9elrqsz9WOvmwZR66YbljVsQqx6xzSCB9D8BZs3t4d%2Bm%2B3gLzoQVQs48wH81DGRmkssDoULQtNw%2FcSgzlXv77jFSZrGNo6v71rwcYi1xjPuuCar6jevoYbhus%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
online.alkoora.live/albaplayer/on-time-sport-1/ Frame 2F62
28 KB
11 KB
Document
General
Full URL
https://online.alkoora.live/albaplayer/on-time-sport-1/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91aa0f92553b3ef61a86d320456d2bf062ea716b2292277eb586713bab59dd95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
79daf6533887390b-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:47 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
HIT
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
/
href.li/ Frame DB8D
478 B
236 B
Document
General
Full URL
https://href.li/?https://techclips.net/clip/s1.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a8039008b0fc4228fe06a0e5330f0eba03aca6392a1e5a6c19827a0fd2e60e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 21:54:46 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.yyz _dca MISS
/
bedrapiona.com/5/5636860/
0
463 B
XHR
General
Full URL
https://bedrapiona.com/5/5636860/?oo=1&js_build=iclick-v1.491
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Wed, 22 Feb 2023 21:54:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://en.weakstreams.live
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
/
bedrapiona.com/5/5638719/
0
462 B
XHR
General
Full URL
https://bedrapiona.com/5/5638719/?oo=1&js_build=iclick-v1.491
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Wed, 22 Feb 2023 21:54:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://en.weakstreams.live
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230221/r20190131/ Frame DCF1
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230221/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.weakstreams.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
53501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 07:03:06 GMT
etag
10353107486223812946
expires
Wed, 08 Mar 2023 07:03:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
authorization.css
draft.blogger.com/dyn-css/
1 B
111 B
Stylesheet
General
Full URL
https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=4835291454120482391&zx=41c6038d-a548-4b08-8fdb-280a08014830
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2009 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://en.weakstreams.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Feb 2023 21:54:47 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
ts1.html
gamerarcades.com/assets/ Frame F2D8
5 KB
2 KB
Document
General
Full URL
https://gamerarcades.com/assets/ts1.html
Requested by
Host: href.li
URL: https://href.li/?https://gamerarcades.com/assets/ts1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f057f960b9c5cdfba9c3bf63981c8aa8eeff55dec2cfb56774c640f32115dc3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79daf6544dd98ccd-EWR
content-encoding
br
content-type
text/html
date
Wed, 22 Feb 2023 21:54:47 GMT
greydedi
HIT
last-modified
Thu, 19 Jan 2023 17:11:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dCmi%2BZci4mfx7oUk7dDjfQgdBkD%2FTQuN6BYYpIIo39aOXuMsp3blCKM%2Fr3T6HSOyrfd0fLH49pm6vPEyDESC4wROrAcrQ8AZutbax8HW2PJgs4sfWoVbvSKfITVor0J13lJ2p7QCg24mis2uzzu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed
hd3.php
sportsembed.su/channels/hd/ Frame 290D
3 KB
2 KB
Document
General
Full URL
https://sportsembed.su/channels/hd/hd3.php
Requested by
Host: href.li
URL: https://href.li/?https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
1b49036650d897e47295219f73f922db17e3dfeb49ae07f0cee19d9aac5bd91a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79daf6545fbd8c6c-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR1BFBgccGsWaBWOtzzIwO8Gg9DO%2BxID%2FRC2nnG6LzO8F7YQXuz%2F0nnWKc1os2PyP%2BBjlOX1M1b2E8HbtGJi%2BSkN%2BUVyFELTOUjunteBeAhxu%2F9zdy%2BkAez0wxQwYizIL43t1s2nrvs%2Bv5tv3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
10865866
weakstream.org/streams/ Frame D3F2
5 KB
3 KB
Document
General
Full URL
https://weakstream.org/streams/10865866
Requested by
Host: href.li
URL: https://href.li/?https://weakstream.org/streams/10865866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9254bf653fd6c9d0fcffc641621a4bbc307fd2e9c76244c99475a553f50218bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1980
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
79daf654596515c3-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:47 GMT
last-modified
Wed, 22 Feb 2023 21:21:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgYzjaXrmr2LDzI%2FIXvtTLNu6SDxDMv8HbthHjwSqGF%2Fp7ajxF%2FrgPO%2BL%2B0AlWpsUap%2BvPCoM2%2F%2Brf0bgInmaIfbJ1X8BrRRzLib5ZyYUS3B2sdzVFKJg0kcuKM3BUE4ijZ%2FAwnJ7B%2FlHf3wmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s1.html
techclips.net/clip/ Frame DB8D
6 KB
3 KB
Document
General
Full URL
https://techclips.net/clip/s1.html
Requested by
Host: href.li
URL: https://href.li/?https://techclips.net/clip/s1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f95672fcda24f2641a098edd91a930d8676b93aaec843b642601b61d0365573
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79daf65498e6c477-EWR
content-encoding
br
content-type
text/html
date
Wed, 22 Feb 2023 21:54:47 GMT
greydedi
HIT
last-modified
Sun, 15 Jan 2023 18:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irqqaWX2MUodA3eEq1oyEG4AAYw3R3AlR%2FF9OYUFTuvG8HQewrAf2YkkNJSUJs8W5GK8fSDsyzSOIC9Mk54SzeuY1lwZqEDiDYXz9a9W9pxievoJD%2Fw39%2BFpIUFwKjCqlIgQs%2BSxNawEnQUh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed
c1.php
stad.yalla-shoot.io/sa/ Frame D7AC
9 KB
4 KB
Document
General
Full URL
https://stad.yalla-shoot.io/sa/c1.php
Requested by
Host: cup.yalla-shoot.video
URL: https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4bfb3c50cafc452e29455c2f795d86c12831475888bd1d556d88d97a56b435

Request headers

Referer
https://cup.yalla-shoot.video/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
79daf656b980396a-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gFzFbuAKd3mkrnZKw63C5SflZO5GskpZpRYIv4dFrABq8CwK7ghsFLfzLt52Q9yE%2F%2Bl2l0aiBaT0W4y6AKE%2FLdrvbL2lDDkCUDy0zZ2m3YQ2smw3JU6csZjBZQOPb1xmdh8ijp6Vu%2FMzLDK6inC2ig%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
BYPASS
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/ Frame D3F2
456 KB
124 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
Requested by
Host: weakstream.org
URL: https://weakstream.org/streams/10865866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c67127a469f309f1797390b95f7c0aa9626151d34d410d082e2391a55715e90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
48840
x-jsd-version
0.4.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
126915
x-served-by
cache-fra-eddf8230024-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"72005-xDPIgqHJfOeFuHY26QsUErnjK9w"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame D3F2
177 KB
47 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: weakstream.org
URL: https://weakstream.org/streams/10865866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4f481e890cb7357460821eafbc7678fe6900c001c97a6520091c6c44bd2a328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5648
x-jsd-version
1.21.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47582
x-served-by
cache-fra-eddf8230069-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"2c5b1-Hb5WHC2wG79jOsHQCLzlmXmj4b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame D3F2
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: weakstream.org
URL: https://weakstream.org/streams/10865866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b17cced49a457c9249178205866d08944bda661f5aefa7d395733923ad5dc057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
16625
x-jsd-version
1.21.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1148
x-served-by
cache-fra-eddf8230070-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame D3F2
30 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: weakstream.org
URL: https://weakstream.org/streams/10865866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5644
x-jsd-version
0.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10250
x-served-by
cache-fra-eddf8230055-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ Frame D3F2
110 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145079013-1
Requested by
Host: weakstream.org
URL: https://weakstream.org/streams/10865866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e770339b44aff50751d1a94a306fca7c5e4107c4ba2f207ceab57940b110db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44158
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 21:54:47 GMT
foundation.js
befirstcdn.com/script/ Frame D3F2
98 KB
33 KB
Script
General
Full URL
https://befirstcdn.com/script/foundation.js
Requested by
Host: weakstream.org
URL: https://weakstream.org/streams/10865866
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b8fb6c30974456ab768748246591a483af46679c00c6e154cfe5f5a99e2839

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3135
x-guploader-uploadid
ADPycdvU4aaVksh2kwntMoKhD3iaWeCeeh9nm_Wn0fZJzqKgSKRCuP90qFGkqXZ4i9-kDTzsbWDYUbIP77KeWME1Hw8dlOZozA0H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 16 Feb 2023 09:26:38 GMT
server
cloudflare
etag
W/"2604bcade722ade53951502593ded70f"
vary
Accept-Encoding
x-goog-hash
crc32c=fOnjew==, md5=JgS8recireU5UVAlk97XDw==
x-goog-generation
1676539598782828
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100754
cf-ray
79daf6567c3233ff-YUL
expires
Thu, 23 Feb 2023 01:54:47 GMT
rocket-loader.min.js
gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F2D8
12 KB
4 KB
Script
General
Full URL
https://gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/assets/ts1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Feb 2023 11:26:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63f4aa6c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6X0kWM4oGJedt0niF7FeifSDgpQqTNpFFUAnX6Mmii9ZqcArpgG%2Fd%2FSNBRKtZDtZm33xWky9zPyYq%2FYEM5kuiGTKM9PQAIZmdz76UasFJhfl74y%2FfpgsC%2FlRVO9DodGpg8suH9Fl676Ber9eeFTy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
79daf6564ab38ccd-EWR
expires
Fri, 24 Feb 2023 21:54:47 GMT
rocket-loader.min.js
techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame DB8D
12 KB
4 KB
Script
General
Full URL
https://techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: techclips.net
URL: https://techclips.net/clip/s1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Feb 2023 11:26:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63f4aa6c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h992I7IGRTIFD2Zx1%2Bo835UP8GguJiqzlImuvXdSB0U1qj892EbfnUtK%2BirP2sAK0Tqk65xDYbwe%2FkNIsNjN7UJlQnUkc07i77nBAPcLYy%2BpE0pXObh10zXD4vkFUDT%2F3ZCl0XGY%2FrBPVpRe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
79daf6566cf8c477-EWR
expires
Fri, 24 Feb 2023 21:54:47 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ Frame DB8D
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: techclips.net
URL: https://techclips.net/clip/s1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://techclips.net/clip/s1.html
Origin
https://techclips.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
79daf6568ae2714a-YUL
foundation.js
befirstcdn.com/script/ Frame 290D
98 KB
33 KB
Script
General
Full URL
https://befirstcdn.com/script/foundation.js
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b8fb6c30974456ab768748246591a483af46679c00c6e154cfe5f5a99e2839

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3135
x-guploader-uploadid
ADPycdvU4aaVksh2kwntMoKhD3iaWeCeeh9nm_Wn0fZJzqKgSKRCuP90qFGkqXZ4i9-kDTzsbWDYUbIP77KeWME1Hw8dlOZozA0H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 16 Feb 2023 09:26:38 GMT
server
cloudflare
etag
W/"2604bcade722ade53951502593ded70f"
vary
Accept-Encoding
x-goog-hash
crc32c=fOnjew==, md5=JgS8recireU5UVAlk97XDw==
x-goog-generation
1676539598782828
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100754
cf-ray
79daf6568c4e33ff-YUL
expires
Thu, 23 Feb 2023 01:54:47 GMT
SCCfwxq.png
sportsembed.su/channels/hd/ Frame 290D
1 KB
2 KB
Image
General
Full URL
https://sportsembed.su/channels/hd/SCCfwxq.png
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/channels/hd/hd3.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 14:48:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7165
etag
"61af7432-4c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2txVNYQLZNo1jLLlJBa6zwlAhj%2FHSMApoz5BjUARPkP86DKPy8P2Sh2BDBD3SX56DBVxCfr%2BzluvJTMWzX%2BpeXSR2y6NivI5LYlrnI8eZbwuMVmZ4NZ659oHKau8GqdUGL%2FgsAKOBYUpvyIXeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79daf6568cdd8c6c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1220
/
widgets.amung.us/draw/ Frame 290D
Redirect Chain
  • https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=51400&c=000000ffffff&p=left
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=51400&c=000000ffffff&p=left
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af3080c860328d1c1ee246a6320fd0fb505bbe46ba2c961cc52fb406920b2139

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 19:59:01 GMT
server
cloudflare
age
93346
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
79daf659ca8d178c-EWR
expires
Wed, 22 Feb 2023 19:59:01 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=51400&c=000000ffffff&p=left
date
Wed, 22 Feb 2023 21:54:47 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
79daf658e8ff178c-EWR
content-type
text/html; charset=UTF-8
koravip
vkplay.live/app/embed/ Frame 1FDE
127 KB
32 KB
Document
General
Full URL
https://vkplay.live/app/embed/koravip
Requested by
Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/on-time-sport-1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
11c5c03e935fbb5342d3609e29dfd221d293ee139bb6bc946b10c122d9b5d729
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://online.alkoora.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Feb 2023 21:54:48 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
js
www.googletagmanager.com/gtag/ Frame F2D8
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155376540-2
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90dcd0582fff6b29abe323d7063b7b78d96a12b1c546a82fa0e25d4d6a88f0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45139
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Feb 2023 21:54:47 GMT
jqueri.php
gamerarcades.com/ Frame F2D8
940 B
1 KB
Script
General
Full URL
https://gamerarcades.com/jqueri.php
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
094a847f11e4454077462c169fff8629e0287e9b8155524f00d7fbaac460c226
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
greydedi
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4imcqkBVt7iCMzsqI3T0czW8vODbElYNjWZfFbV4fQQs1%2Fnnn4BtS7LZWSo%2BvrdK8zB1HAsCwzmwB2WdlfSUIHDZ7E8I1z3Vvo3dfzgLngaz5pgnh4gL0WDEB3AGH9URDvLND0TWaAxnU2U67v4T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
79daf658886b333c-EWR
expires
Wed, 01 Mar 2023 21:54:15 GMT
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame F2D8
30 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5645
x-jsd-version
0.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10250
x-served-by
cache-fra-eddf8230055-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame F2D8
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b17cced49a457c9249178205866d08944bda661f5aefa7d395733923ad5dc057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
16625
x-jsd-version
1.21.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1148
x-served-by
cache-fra-eddf8230070-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame F2D8
177 KB
47 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4f481e890cb7357460821eafbc7678fe6900c001c97a6520091c6c44bd2a328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5648
x-jsd-version
1.21.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47582
x-served-by
cache-fra-eddf8230069-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"2c5b1-Hb5WHC2wG79jOsHQCLzlmXmj4b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame F2D8
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5648
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141142
x-served-by
cache-fra-eddf8230067-FRA, cache-yul12824-YUL
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
invisible.js
gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame FA0B
38 KB
16 KB
Script
General
Full URL
https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677096000
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a4fdcb963dc43dd7fe6084fc6b3421f0cca28587e83eca8f670417f777c48f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtG2TA89bAfaQwzRylwgn6yHgFeEspJdPKF2QuKI%2Fy2rj8FCFu6J0xw4xLBNJlBmCzX8xOGpU2B8hjUEWbOxzPeTCRjEIlJo0iYB8VAlrsDVBjsVpRP16IANyhTPAOw9MMvSOSD%2Bk5acDn3lH4fq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf658886c333c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame DB8D
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155376540-3
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
120dafaaabd5a22fa79d411e494811ee1163ecf6eee763cee17ee0f7308f9352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45145
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Feb 2023 21:54:47 GMT
jqueri.php
techclips.net/ Frame DB8D
940 B
1 KB
Script
General
Full URL
https://techclips.net/jqueri.php
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d2af0cf34303f0cd23e85682214cf5bcd3a73014a8540c5b6f3c4abf18e3b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
greydedi
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gx8JZESEvazTAWdL7HBBBdHOrT1rpOvaSIyCKSoxSG2R9WJuMVkqaHlvBsEjMnXjBeHHTS1doPLykWUXMe3zxidVxaMVv1VJXbuLESYhQ9EIkDE3qWgb9nSXL9Y0qaiJ6egUUExCQqTXNI7d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
79daf658a8761a40-EWR
priority
u=1,i=?0
expires
Wed, 01 Mar 2023 21:54:34 GMT
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame DB8D
30 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5645
x-jsd-version
0.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10250
x-served-by
cache-fra-eddf8230055-FRA, cache-yul12831-YUL
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame DB8D
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b17cced49a457c9249178205866d08944bda661f5aefa7d395733923ad5dc057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
16626
x-jsd-version
1.21.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1148
x-served-by
cache-fra-eddf8230070-FRA, cache-yul12831-YUL
x-jsd-version-type
version
etag
W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame DB8D
177 KB
47 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4f481e890cb7357460821eafbc7678fe6900c001c97a6520091c6c44bd2a328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5649
x-jsd-version
1.21.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47582
x-served-by
cache-fra-eddf8230069-FRA, cache-yul12831-YUL
x-jsd-version-type
version
etag
W/"2c5b1-Hb5WHC2wG79jOsHQCLzlmXmj4b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame DB8D
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:47 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5648
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141142
x-served-by
cache-fra-eddf8230067-FRA, cache-yul12831-YUL
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
invisible.js
techclips.net/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame E168
31 KB
14 KB
Script
General
Full URL
https://techclips.net/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79daf65498e6c477
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4598a00ca8ef68f32b2cc69074851808aa6bbf8f5b7920d20aa14eb2828aa15

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aruHBc3D5dWtbT%2FQDZLfQPuCirJw5vjeCUzTTPmtkinDJa2nHC2B7ZBfhoVnMhxAzaU5E5HDvHxW18QkLRkjePZTw%2BTCi7PM28EFF3HxYe3NZaVNLZiHTZeqCcyIFNNnoewxU4G5qqojMJK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf658a87a1a40-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
ut.js
befirstcdn.com/script/ Frame 290D
70 KB
24 KB
Script
General
Full URL
https://befirstcdn.com/script/ut.js?cb=1677102887790
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3229
x-guploader-uploadid
ADPycdtUSaqMVgKiWtXkQPFhyX8ChF3iPLLipvxspW2ZNPAnIc_fZmHTVbL30pxOPamCZO5WQVld83ciuqCDusPz0GgL-yL2oMIH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Jan 2023 10:13:06 GMT
server
cloudflare
etag
W/"32cbc0400462d7cfabd88795319e259b"
vary
Accept-Encoding
x-goog-hash
crc32c=WRmDUA==, md5=MsvAQARi18+r2IeVMZ4lmw==
x-goog-generation
1674555186374348
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
72138
cf-ray
79daf658c92c33ff-YUL
expires
Thu, 23 Feb 2023 01:54:47 GMT
video_ext.php
vk.com/ Frame 7039
47 KB
17 KB
Document
General
Full URL
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Requested by
Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/sa/c1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113366
Resource Hash
e7912e57f39d52b1daa9958e9dcf0ef2612c50a3340d6c67adb916d2ffc655b4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; report=/xss_reports

Request headers

Referer
https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-expose-headers
X-Frontend
cache-control
no-store
content-encoding
gzip
content-length
15575
content-security-policy
default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
content-type
text/html; charset=windows-1251
date
Wed, 22 Feb 2023 21:54:48 GMT
server
kittenx
strict-transport-security
max-age=15768000
x-frontend
front225204
x-powered-by
KPHP/7.4.113366
x-xss-protection
1; report=/xss_reports
suurl4.php
youradexchange.com/script/ Frame 290D
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=4827899&chmob=%3F0&cbur=0.8947601353865218&cbiframe=1&cbWidth=728&cbHeight=360&cbtitle=&cbpage=&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4cc9e234041581b8084674226b31c0f46a4633ced6b9543d79c4e0325a79a07

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXffmI8TuJFBmos0PgboNMPbyQRCQinhrRDMKhzywLErMZFJQSGL%2FD4iTgIGhhp0oEopv3eQO5dckORmK%2F2RcSRJaGySxKwvZ5rqog4D3mpiLefCqTLvoyJlVaADzDgRqm4QCBTrUyEJz5opFkIbYpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
79daf65998b5c43b-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
eujjnbvtnml
g8400m3ybg8x3x.trustexploration.com/embed/ Frame 2C51
9 KB
4 KB
Document
General
Full URL
https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af7d91caf2e958833c3c1c025ecd44d6d8bb0c43bea46679696a38e40bb9e80

Request headers

Referer
https://sportsembed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79daf659edd23b59-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikSO6nCz7iFLkIwTl0Iyel4SakVdEb4Jf%2FE0uHx5s24xApf1n3C7lnAQhjf%2F91V%2FD6Eo6NQ8hUMtlBWF22hzQYNvETgiHBWZg3GW6aA7jGGk0dhsFUcFZgPmylM2OeZ0j7ve%2FRTJTAdL6FXz0F76GMFdvwN8VA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/ Frame 290D
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:51:12 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4364
x-request-id
944934390
gethls
weakstream.org/ Frame D3F2
72 B
391 B
XHR
General
Full URL
https://weakstream.org/gethls?idgstream=OUtBckhOVmkrTUM4dzgxdjhwL3hPZz09OjpJgzCvhgWi8n9ESTAo%2BDH8&serverid=&cid=
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf1992b3811eed8ad51ab65dda00dce84ab79045cf8ebdd01f8cf0e9c92a1800
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://weakstream.org/streams/10865866
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r61AgVTRWxRGlw3C5BJodp8zmM1m%2Ffwt1xaOkGgM%2FjbGWxiYQTd%2FdmYAWP0h8mzArwUPpUXmh8A6clXygwT9aFuTWoFtkIueDUgyYaDl%2FPhcP0lLBKmcN%2FjC49UR8f%2FAZB7BJnoNJmG397Sexg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
79daf65998cb15c3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
ut.js
befirstcdn.com/script/ Frame D3F2
70 KB
24 KB
Script
General
Full URL
https://befirstcdn.com/script/ut.js?cb=1677102887937
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:47 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3229
x-guploader-uploadid
ADPycdtUSaqMVgKiWtXkQPFhyX8ChF3iPLLipvxspW2ZNPAnIc_fZmHTVbL30pxOPamCZO5WQVld83ciuqCDusPz0GgL-yL2oMIH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Jan 2023 10:13:06 GMT
server
cloudflare
etag
W/"32cbc0400462d7cfabd88795319e259b"
vary
Accept-Encoding
x-goog-hash
crc32c=WRmDUA==, md5=MsvAQARi18+r2IeVMZ4lmw==
x-goog-generation
1674555186374348
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
72138
cf-ray
79daf659aad433ff-YUL
expires
Thu, 23 Feb 2023 01:54:47 GMT
suurl4.php
youradexchange.com/script/ Frame D3F2
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5026951&chmob=%3F0&cbur=0.26512954590155813&cbiframe=1&cbWidth=728&cbHeight=360&cbtitle=&cbpage=&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d336ac893af5aecb101d217049a56bba2c2709668cc53b98bd98e67b99c0e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXm0cILbETquLQsLO0UsGsPSwX1NDTitwMwCbKHNwsMAb8JUjHg66sSdyxdeAqUHYpaXltE5IgmosKtPfH1M7imQqY%2Fn%2BUmJsyiITNOF38wWs7%2FIDakEUUR8%2FP7ajGKqw%2FUJxuqdPbf2Iwi8Q6yxhWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
79daf659c933c43b-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ Frame D3F2
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145079013-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://weakstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 20:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4044
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Feb 2023 22:47:24 GMT
hb.php
youradexchange.com/ut/ Frame 290D
0
457 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.4780859399893649
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/ut.js?cb=1677102887790
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sportsembed.su/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33AQ%2FRqTBgQIAH2od72TaUGteuIxu%2BSAt62daZteUso2OV2JUmokIG%2FdC3rmVvfSSJbRhaDm8kpD1Y8A8I6ZXPuS0vHMeIRT36lRgLM0u6GjNBqXQrOU6lwGDZ5aCj7qqQv8boU9LHtnTaS8kvSqK8I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79daf65abc67c354-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame FA0B
20 KB
9 KB
Other
General
Full URL
https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e0cbdb64323024f165fe69818fe82c711d8ce44ce4d433419a8e076612a544

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEuj87EGdz7rx0IRfKB79JyJvin7ZoCJ6PTOqDFhcJKMYGV0UprO4ZDKyw3s4vDtB4DRHcKAWRVJApVM4qFMn1Ka8j8Xh0%2F0S5fHv4t9XPFJSFTnXawbIdMXWDwHlscpNFD9L4%2FZxI65NRe8DZaT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf65aac5b333c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0.php
s4.histats.com/stats/ Frame 290D
382 B
517 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4743517&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-146975178&@b3:1677102888&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
e130342d547b9e5577207c6c999be799e774684e51c079d2a8bfb88c2a6440d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:48 GMT
Connection
close
Content-Length
382
Content-Type
text/html;charset=UTF-8
pica.js
techclips.net/cdn-cgi/challenge-platform/h/g/scripts/ Frame E168
18 KB
8 KB
Other
General
Full URL
https://techclips.net/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786d798c3a80c991cfaa928a6773c51595d3cabba04c5cf0270d6f8e0784a4b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u%2FLpqdDW309oslYJOSI4AyiMGwFKxyJ%2BwyFJ2ZgjP%2Bkgl3EllH%2B9n1RXg8GXC86zrfi8atWvvlJD4qGJ3zP%2BOjH6ALpoK%2Fic5kbjOB6%2FQY4jvdp2H2R%2FUUcqqKsp1feg2rgQrl0P86UKNy6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf65abc391a40-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=1,i=?0
hb.php
youradexchange.com/ut/ Frame D3F2
0
428 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.9430529714032241
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/ut.js?cb=1677102887937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://weakstream.org/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8Igxom4P9sjV8Gt%2FfMSnXYWj17StqGVZZDJsnRvETS5DrPr9E%2F5s%2BP6MM5%2BW1XwKMB20u1bv%2B2Ft7aeARHdCZMsM2BWdFQu8q0iNf9Cr%2FnDUpE36Kt%2FCQmaKle4s%2Fr1NE7ZNZYXggyOiDhlJMUKe2Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79daf65afccec354-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
foundation.js
befirstcdn.com/script/ Frame F2D8
98 KB
33 KB
Script
General
Full URL
https://befirstcdn.com/script/foundation.js
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/jqueri.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3250a9464a6cf40694cf6210309cc8757cb1cd1f2b020d127912f5216a111b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3136
x-guploader-uploadid
ADPycdvU4aaVksh2kwntMoKhD3iaWeCeeh9nm_Wn0fZJzqKgSKRCuP90qFGkqXZ4i9-kDTzsbWDYUbIP77KeWME1Hw8dlOZozA0H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 16 Feb 2023 09:26:38 GMT
server
cloudflare
etag
W/"2604bcade722ade53951502593ded70f"
vary
Accept-Encoding
x-goog-hash
crc32c=fOnjew==, md5=JgS8recireU5UVAlk97XDw==
x-goog-generation
1676539598782828
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100754
cf-ray
79daf65afd6c33ff-YUL
expires
Thu, 23 Feb 2023 01:54:48 GMT
ga.js
ssl.google-analytics.com/ Frame F2D8
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 21:02:19 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3149
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 22 Feb 2023 23:02:19 GMT
invisible.js
gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame FA0B
31 KB
14 KB
Script
General
Full URL
https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677096000
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4598a00ca8ef68f32b2cc69074851808aa6bbf8f5b7920d20aa14eb2828aa15

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY11UP77yo5cxXuqteNJGhOCUJBit0M3Fn5ogXCZMVu9a9tMFw%2FyTWAjCJSsBpQM%2B3fQx4qpsq07yvBLxs72nzpJGE5gFkiTts3iFSkixAbeuKb93LJ9wMqP4lK460X8p7AXUfbx9tO5TkAkpRLj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf65b0d16333c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.min.css
g8400m3ybg8x3x.trustexploration.com/css/ Frame 2C51
1 KB
904 B
Stylesheet
General
Full URL
https://g8400m3ybg8x3x.trustexploration.com/css/embed.min.css?v=0.4
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6033
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIxAiv9KDTpHd0ldnnnMsB4g0n%2B1dVbbswekMyzkvxNEIdl2qXuDG8Xjk1g%2FCILYdYearbqeRyUxqpzLoiAmq4svyb8Rfleg82DSgV7bstpaev%2FAfuY6Rjwz53EbhYyFFxt8i72ARwV%2FkWPNG6nIr3RuMwAtkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=608400
cf-ray
79daf65b5fb03b59-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 01 Mar 2023 21:14:15 GMT
jquery.min.js
g8400m3ybg8x3x.trustexploration.com/js/ Frame 2C51
85 KB
31 KB
Script
General
Full URL
https://g8400m3ybg8x3x.trustexploration.com/js/jquery.min.js
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6033
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vd%2FDS7OLrflbPkE1TsonNjEnLD2JPRz6IdQ99Pck4GHDVtKv1C7nXzCPC8gp5T%2FtxmZpmvToxWQgFvwj6LOR767e3LjdI9%2BtOE7mP4HqqDmrYndJN1sr92q8eBNLzru%2FugVb3uStKUtn527RI%2FBuzKbmi3s4eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
79daf65b5fb33b59-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 01 Mar 2023 21:14:15 GMT
nsns.js
swarm.video/ Frame 2C51
532 KB
134 KB
Script
General
Full URL
https://swarm.video/nsns.js?v=1.1
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26238
cf-polished
origSize=545594
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 16 Feb 2023 19:59:09 GMT
server
cloudflare
etag
W/"8533a-1865bcf2c90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVKqVRwXG61pa8sFkHDL40qoMAg%2Bj7iWnOt636WiYjf9jmnfIhcneNT%2BgxTcdKxDepQV875byc7mlM40JS08EIRqi1UQhwIIdw1VyBIgN6sTXVvlo8j9ROCT77yfFyqXkAQ033BIcLSikQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79daf65bc8071871-EWR
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 2C51
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Feb 2023 21:54:48 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5648
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141142
x-served-by
cache-fra-eddf8230067-FRA, cache-yul12831-YUL
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
widgets.amung.us/draw/ Frame 2C51
Redirect Chain
  • https://whos.amung.us/cwidget/bkw7sodkdx/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=119500&c=000000ffffff&p=left
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=119500&c=000000ffffff&p=left
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b68539cb4fefd166e6e2de2c570ba22d0ff9186ca28504d76f3dc7fa9c9a2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 20:55:56 GMT
server
cloudflare
age
3532
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
79daf65c5fd9178c-EWR
expires
Thu, 23 Feb 2023 20:55:55 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=119500&c=000000ffffff&p=left
date
Wed, 22 Feb 2023 21:54:48 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
79daf65bae84178c-EWR
content-type
text/html; charset=UTF-8
plausible.js
awstats.cloud/js/ Frame 2C51
1 KB
1 KB
Script
General
Full URL
https://awstats.cloud/js/plausible.js
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2e3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJSWQ95bTEdPvKzKhk97jXOyWUEiV6ORr0qEsnVNw0whlPGw%2FHfZnOusSs%2FmECk1mz5aBoE%2FSNUFi%2BisXxdqi4xuao5aQ0bGFjK7oeZQjM0WhDXile0lTK2wezsbubvxoFenvdD2Y3i3wwH%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
cross-origin
cf-ray
79daf65c091f17ad-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
deb.js
g8400m3ybg8x3x.trustexploration.com/ Frame 2C51
25 KB
6 KB
Script
General
Full URL
https://g8400m3ybg8x3x.trustexploration.com/deb.js
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 13:57:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6033
etag
W/"63f61f52-6450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKAcKptZMfSG1TyMN3FHoF6BNe%2FnAflPUOIuJ6DR76dZQ5NzEx0wRgSdlqfgK3YiukM10bE5W7S9kyVWYZxVBvlY%2FRoMZuBFUPcUYUnmkrx%2BGCaG%2B%2B5NjX3CzjliejKqmo6UxCK93apzGKHaQdhsMaXBiY9Svg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
79daf65ba81a3b59-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 01 Mar 2023 21:14:15 GMT
foundation.js
befirstcdn.com/script/ Frame DB8D
98 KB
33 KB
Script
General
Full URL
https://befirstcdn.com/script/foundation.js
Requested by
Host: techclips.net
URL: https://techclips.net/jqueri.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3250a9464a6cf40694cf6210309cc8757cb1cd1f2b020d127912f5216a111b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3136
x-guploader-uploadid
ADPycdvU4aaVksh2kwntMoKhD3iaWeCeeh9nm_Wn0fZJzqKgSKRCuP90qFGkqXZ4i9-kDTzsbWDYUbIP77KeWME1Hw8dlOZozA0H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 16 Feb 2023 09:26:38 GMT
server
cloudflare
etag
W/"2604bcade722ade53951502593ded70f"
vary
Accept-Encoding
x-goog-hash
crc32c=fOnjew==, md5=JgS8recireU5UVAlk97XDw==
x-goog-generation
1676539598782828
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100754
cf-ray
79daf65b6e6633ff-YUL
expires
Thu, 23 Feb 2023 01:54:48 GMT
invisible.js
techclips.net/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame E168
34 KB
15 KB
Script
General
Full URL
https://techclips.net/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79daf65498e6c477
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bd4a242ed55871bc369f30f2caa24b40ae6cbfebb6d878cd447fd07cb302de

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH3Mgl7b9eRbz4dU072WDSdMvxWgEy6CGpigElPGhw4vGXwFm1OlrgA%2B3zOETEepXOuit7DFuebHGYq7K20LF5n9vu9aefVkuAKd%2FAgCozF8jqYUu9eIcpsrVydfwmRbh%2FDtHS1snCdHwi3R"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf65b8dcb1a40-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
js
www.googletagmanager.com/gtag/ Frame F2D8
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DVLT49GMSE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155376540-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
063502916b59ec9930c1868c76e323f2603c706af3a2397fba37c28d62b39ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77381
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Feb 2023 21:54:48 GMT
analytics.js
www.google-analytics.com/ Frame F2D8
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155376540-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 20:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4044
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Feb 2023 22:47:24 GMT
css
fonts.googleapis.com/ Frame 2C51
1 KB
805 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/css/embed.min.css?v=0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 21:12:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 21:54:48 GMT
rum
techclips.net/cdn-cgi/ Frame DB8D
0
139 B
XHR
General
Full URL
https://techclips.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://techclips.net/clip/s1.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type
application/json

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://techclips.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
79daf65bbe101a40-EWR
/
e.dtscout.com/e/ Frame 290D
8 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4743517&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-146975178&@b3:1677102888&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fc25b48b7da194d57520d943836857f6584e3aa99a99fb6a47167fe8e41685

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
x-t
0.64
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPDboXj0edcPAMvDvpYUro6KHQ2uzNXdBjk4vHQRytmpd1yA1ZfHtZzYp%2BydfzJnftsSUBNK%2BVMys7GdIBaNb5EVVdWLGqO%2F3QpP705Ie7HvFDawyvDBOfU%2FD4noP5MXLjuip%2BZI1kS9pXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl1
cf-ray
79daf65c1a92334e-EWR
expires
Wed, 22 Feb 2023 21:54:47 GMT
js
www.googletagmanager.com/gtag/ Frame DB8D
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HG0JC58V5E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155376540-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f38f0a8f221ad2113f371a8e591209af276f1dff0c6c53bc34e1aa068b6e8514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77308
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Feb 2023 21:54:48 GMT
analytics.js
www.google-analytics.com/ Frame DB8D
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155376540-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 20:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4044
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Feb 2023 22:47:24 GMT
ut.js
befirstcdn.com/script/ Frame F2D8
70 KB
24 KB
Script
General
Full URL
https://befirstcdn.com/script/ut.js?cb=1677102888295
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9eeb32a6a836ca821fa3d3364fac58bf8f84de9dd6496c307b1e60023d48b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3230
x-guploader-uploadid
ADPycdtUSaqMVgKiWtXkQPFhyX8ChF3iPLLipvxspW2ZNPAnIc_fZmHTVbL30pxOPamCZO5WQVld83ciuqCDusPz0GgL-yL2oMIH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Jan 2023 10:13:06 GMT
server
cloudflare
etag
W/"32cbc0400462d7cfabd88795319e259b"
vary
Accept-Encoding
x-goog-hash
crc32c=WRmDUA==, md5=MsvAQARi18+r2IeVMZ4lmw==
x-goog-generation
1674555186374348
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
72138
cf-ray
79daf65bef6b33ff-YUL
expires
Thu, 23 Feb 2023 01:54:48 GMT
suurl4.php
youradexchange.com/script/ Frame F2D8
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3983011&chmob=%3F0&cbur=0.37915014402054514&cbiframe=1&cbWidth=728&cbHeight=360&cbtitle=&cbpage=&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1eb687850822a43af366844f10b819a24f47d42f099f61660ef6890863af475

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gamerarcades.com/assets/ts1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyzu%2Bka4bkm%2BUOgyfIN20xyiUuhqp0yO7NljeL7tlvhd9NpEDTCacvx8Iwtgsc7TsGywYI65MgUCb4cCaPHTr4VTAkpkkPm0Pq6r4O3fCnirn1q%2BOMwdvEqUZ8B6CseujjD2nlHckWIMTT0%2BRsSnGDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
79daf65c4f0fc43b-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ut.js
befirstcdn.com/script/ Frame DB8D
70 KB
24 KB
Script
General
Full URL
https://befirstcdn.com/script/ut.js?cb=1677102888361
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9eeb32a6a836ca821fa3d3364fac58bf8f84de9dd6496c307b1e60023d48b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3230
x-guploader-uploadid
ADPycdtUSaqMVgKiWtXkQPFhyX8ChF3iPLLipvxspW2ZNPAnIc_fZmHTVbL30pxOPamCZO5WQVld83ciuqCDusPz0GgL-yL2oMIH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Jan 2023 10:13:06 GMT
server
cloudflare
etag
W/"32cbc0400462d7cfabd88795319e259b"
vary
Accept-Encoding
x-goog-hash
crc32c=WRmDUA==, md5=MsvAQARi18+r2IeVMZ4lmw==
x-goog-generation
1674555186374348
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
72138
cf-ray
79daf65c586333ff-YUL
expires
Thu, 23 Feb 2023 01:54:48 GMT
pica.js
gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame FA0B
18 KB
8 KB
Other
General
Full URL
https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b2db15970f5bc8a9746591970036bf390cb5d3ddeef0baf1a8eb4b45625d6f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSPp3T5HUOykLj3Q5xc%2FlUsgthKISbAdtwhmMZYNlYbtoH5pOC1A3ekz7iSRcvBQ2eifDoK3qr7zMMCCIDdzRvDan%2BiQpkWmTzZS1nmd12m0xpIlY00QdQ7Nsv1FAYq2%2BWe54zzz%2FvJP%2FkNKq1Yf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf65c6fee333c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
suurl4.php
youradexchange.com/script/ Frame DB8D
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=6222650&chmob=%3F0&cbur=0.25361565191152646&cbiframe=1&cbWidth=640&cbHeight=360&cbtitle=&cbpage=&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c14f85851d2d6ddff7f3ae2ef6fe16ec8af9c98aafb8c53bdcda078fa26c8af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://techclips.net/clip/s1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmE13Hrekjke0iqYrFJUd%2BoKZlUiR36nPzIYId9sShjUHlVAc30d2VJzDmOrFp4ryuh1dIJ6wrLNxjIbf3Jl7n9fB%2FPpvkPJCQ1RwWS996TiZh6r1qOLLjl3fvKnnFUYrgVfqg4UX7OiPKAdTcxwCJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
79daf65c7b1cc344-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
foundation.js
befirstcdn.com/script/ Frame 2C51
98 KB
33 KB
Script
General
Full URL
https://befirstcdn.com/script/foundation.js
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b8fb6c30974456ab768748246591a483af46679c00c6e154cfe5f5a99e2839

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3136
x-guploader-uploadid
ADPycdvU4aaVksh2kwntMoKhD3iaWeCeeh9nm_Wn0fZJzqKgSKRCuP90qFGkqXZ4i9-kDTzsbWDYUbIP77KeWME1Hw8dlOZozA0H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 16 Feb 2023 09:26:38 GMT
server
cloudflare
etag
W/"2604bcade722ade53951502593ded70f"
vary
Accept-Encoding
x-goog-hash
crc32c=fOnjew==, md5=JgS8recireU5UVAlk97XDw==
x-goog-generation
1676539598782828
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100754
cf-ray
79daf65d6ae433ff-YUL
expires
Thu, 23 Feb 2023 01:54:48 GMT
loader_nav20683393096_3.js
vk.com/js/ Frame 7039
257 KB
54 KB
Script
General
Full URL
https://vk.com/js/loader_nav20683393096_3.js
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113366
Resource Hash
830dbab9e7059b9f94fb970c403e219f8911a32dc3c53a25c84ec2530c180bb6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
x-frontend
front225204
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113366
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
55295
fonts_cnt.a289ed70815ffbd082ae.css
st6-21.vk.com/css/al/ Frame 7039
331 KB
249 KB
Stylesheet
General
Full URL
https://st6-21.vk.com/css/al/fonts_cnt.a289ed70815ffbd082ae.css
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
81263a351ddb110a4937fc128a270f1b4330e7b5f6cf6b24ff497864c85fc1e5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Mon, 06 Feb 2023 15:27:38 GMT
server
kittenx
etag
"63e11c6a-3e078"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
254072
expires
Sun, 26 Feb 2023 21:54:49 GMT
lite.ce9567cd8cf121942abf.css
st6-21.vk.com/css/al/ Frame 7039
274 KB
36 KB
Stylesheet
General
Full URL
https://st6-21.vk.com/css/al/lite.ce9567cd8cf121942abf.css
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
c9d40d0270579b68aecda27b3ce8a4f780f23965dd394a45b34cb43f79e4f8ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Wed, 22 Feb 2023 15:59:24 GMT
server
kittenx
etag
"63f63bdc-8ce8"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
36072
expires
Sun, 26 Feb 2023 21:54:49 GMT
lite.js
vk.com/js/al/ Frame 7039
262 KB
61 KB
Script
General
Full URL
https://vk.com/js/al/lite.js?107
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
821f4c5c421edad5446d12071c952054aeed61f269c1682d6636af19ffc99a1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
x-frontend
front225204
last-modified
Fri, 17 Feb 2023 11:25:03 GMT
server
kittenx
etag
"63ef640f-f1fc"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
61948
expires
Sun, 26 Feb 2023 21:54:48 GMT
lang3_0.js
vk.com/js/ Frame 7039
82 KB
24 KB
Script
General
Full URL
https://vk.com/js/lang3_0.js?27951714
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113366
Resource Hash
09ffd2c2092496e2bec14f6a18c73922386e853ac63185d0d608f77232b8f776
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
gzip
x-frontend
front225204
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113366
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23990
polyfills.1881adbf36454e07c9c6.js
st6-21.vk.com/dist/ Frame 7039
134 KB
43 KB
Script
General
Full URL
https://st6-21.vk.com/dist/polyfills.1881adbf36454e07c9c6.js?a69ef34dc1979f8d5126
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
2f27f763a6ce6799cf4d6d25a816040115ea8505f18e465c3769d30c2d895d18
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Thu, 02 Feb 2023 23:04:52 GMT
server
kittenx
etag
"63dc4194-a997"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
43415
expires
Sun, 26 Feb 2023 21:54:49 GMT
common.0e051501ae192ff8bd84.js
st6-21.vk.com/dist/ Frame 7039
1 MB
314 KB
Script
General
Full URL
https://st6-21.vk.com/dist/common.0e051501ae192ff8bd84.js?311d95e10e598914f7f96fb
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
7da9230028aea9e9a3f7719af7895e2a856bace59e912b48bc724095bd30a760
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Wed, 22 Feb 2023 12:10:34 GMT
server
kittenx
etag
"63f6063a-4e6b2"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
321202
expires
Sun, 26 Feb 2023 21:54:49 GMT
video_ext.79f7a108efa672775f1f.js
st6-21.vk.com/dist/web/ Frame 7039
10 KB
4 KB
Script
General
Full URL
https://st6-21.vk.com/dist/web/video_ext.79f7a108efa672775f1f.js?1dbef67f28f8ad00089e102f9f8de1a0
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
d8aa1c2324114122531f2db78176a28a2581f9ffa7ceae28c90217f5184af2ac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Feb 2023 20:28:19 GMT
server
kittenx
etag
"63ea9d63-f31"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
3889
expires
Sun, 26 Feb 2023 21:54:49 GMT
react.6d787991b51243317269.js
st6-21.vk.com/dist/ Frame 7039
146 KB
43 KB
Script
General
Full URL
https://st6-21.vk.com/dist/react.6d787991b51243317269.js?cb151ae0d77e1fe8ca23
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
6db8fba78b19521c3fd8d743d4a596beaa5deaa8d41df7b5a5a6ca7b14d27b59
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Tue, 29 Nov 2022 04:27:50 GMT
server
kittenx
etag
"63858a46-ab23"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
43811
expires
Sun, 26 Feb 2023 21:54:49 GMT
palette.28ed80ebcd89c370bca4.js
st6-21.vk.com/dist/ Frame 7039
100 KB
24 KB
Script
General
Full URL
https://st6-21.vk.com/dist/palette.28ed80ebcd89c370bca4.js?386f0071c6896fb9059f
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
67ab7ccf57d60ae22497beb080f00d7e97df805b76735d5ca29870f5b1e8ec7a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Feb 2023 20:28:19 GMT
server
kittenx
etag
"63ea9d63-5e4c"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
24140
expires
Sun, 26 Feb 2023 21:54:49 GMT
vkui.9ce756e79bcf283a954f.js
st6-21.vk.com/dist/ Frame 7039
316 KB
78 KB
Script
General
Full URL
https://st6-21.vk.com/dist/vkui.9ce756e79bcf283a954f.js?2df1137b7db10aaebda9
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
895ec112d93d396e97cab5372c8afa2092a7cdc2f9de4730dcd89a5d0d2ef42a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2023 11:06:44 GMT
server
kittenx
etag
"63be9844-13762"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
79714
expires
Sun, 26 Feb 2023 21:54:49 GMT
vkcom-kit.b02583029335091c5abf.css
st6-21.vk.com/dist/ Frame 7039
22 KB
4 KB
Stylesheet
General
Full URL
https://st6-21.vk.com/dist/vkcom-kit.b02583029335091c5abf.css
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
d2ce5e0b2e0703f4059ee6180a522092272fe07d2f1585079b6e097e1d87eddf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Feb 2023 15:05:18 GMT
server
kittenx
etag
"63ea51ae-104b"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
4171
expires
Sun, 26 Feb 2023 21:54:49 GMT
vkcom-kit.76cad8418a33d4f28b8e.js
st6-21.vk.com/dist/ Frame 7039
50 KB
13 KB
Script
General
Full URL
https://st6-21.vk.com/dist/vkcom-kit.76cad8418a33d4f28b8e.js?
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
767c1fc96d635ac28c8728d6d8ef09f6be1fb010bd31a1888af9d3a3049cfa8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Wed, 22 Feb 2023 07:04:50 GMT
server
kittenx
etag
"63f5be92-312e"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
12590
expires
Sun, 26 Feb 2023 21:54:49 GMT
state-management.bb1e1832d49618602ef0.js
st6-21.vk.com/dist/ Frame 7039
60 KB
21 KB
Script
General
Full URL
https://st6-21.vk.com/dist/state-management.bb1e1832d49618602ef0.js?d2ccf782de755143ba7c
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
f7be11912a6cfc59519445609d076fb92503789ae4fd297d2fb0b054daca229c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Tue, 14 Feb 2023 13:08:49 GMT
server
kittenx
etag
"63eb87e1-5276"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
21110
expires
Sun, 26 Feb 2023 21:54:49 GMT
audioplayer.3ab3a49776221d355a31.js
st6-21.vk.com/dist/ Frame 7039
161 KB
41 KB
Script
General
Full URL
https://st6-21.vk.com/dist/audioplayer.3ab3a49776221d355a31.js?311a6d9c62f57257d27893a
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
ececa9e61bb3fdcc596ffc85f78c55677d9da377643c615dd7d717e61a835334
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Fri, 17 Feb 2023 15:36:41 GMT
server
kittenx
etag
"63ef9f09-a12c"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
41260
expires
Sun, 26 Feb 2023 21:54:49 GMT
31f5b212702a408d2fa066d6c8b98986.df1aea5588624408a7cb.js
st6-21.vk.com/dist/ Frame 7039
54 KB
18 KB
Script
General
Full URL
https://st6-21.vk.com/dist/31f5b212702a408d2fa066d6c8b98986.df1aea5588624408a7cb.js?867d5368dcb9f237432d
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
f179d8d7a39288eead96a610d2b2afea6b0088ee190fbfe5451c950fafabcfbf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Mon, 13 Feb 2023 20:28:19 GMT
server
kittenx
etag
"63ea9d63-4538"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
17720
expires
Sun, 26 Feb 2023 21:54:49 GMT
28e4257a346db314c3cfa2c0afc1285f.ab192ce1561d244ef8ee.js
st6-21.vk.com/dist/ Frame 7039
157 KB
35 KB
Script
General
Full URL
https://st6-21.vk.com/dist/28e4257a346db314c3cfa2c0afc1285f.ab192ce1561d244ef8ee.js?fb6e2c949f3ca6d8b1b5
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
2e2464a84508d5cfadee94354c2b922fa653b3c2ef8432b2d40eb3b3b0e7e451
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Tue, 21 Feb 2023 13:27:03 GMT
server
kittenx
etag
"63f4c6a7-8a05"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
35333
expires
Sun, 26 Feb 2023 21:54:49 GMT
videoview.75f6d8f5bf59d939ee3f.css
st6-21.vk.com/dist/web/ Frame 7039
4 KB
1 KB
Stylesheet
General
Full URL
https://st6-21.vk.com/dist/web/videoview.75f6d8f5bf59d939ee3f.css
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
0f14789a0ec4877cbd4b3839c9b59145e41c2a09c3ed42c9e2e6608154c3e606
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Sat, 28 Jan 2023 10:27:40 GMT
server
kittenx
etag
"63d4f89c-318"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
792
expires
Sun, 26 Feb 2023 21:54:49 GMT
videoview.8b3fc5ee2506fe2b0f50.js
st6-21.vk.com/dist/web/ Frame 7039
9 KB
4 KB
Script
General
Full URL
https://st6-21.vk.com/dist/web/videoview.8b3fc5ee2506fe2b0f50.js?
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
d50aebcf328b08623f7637c16273921eb114c14cceecffae3e5535f1b65ffa24
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Wed, 22 Feb 2023 12:10:34 GMT
server
kittenx
etag
"63f6063a-107e"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
4222
expires
Sun, 26 Feb 2023 21:54:49 GMT
ui_common.01a1a009a0ef66cc0209.js
st6-21.vk.com/dist/web/ Frame 7039
93 KB
21 KB
Script
General
Full URL
https://st6-21.vk.com/dist/web/ui_common.01a1a009a0ef66cc0209.js?8318eebd0a796728002b46dd06b4f028
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
4a2e051d848a7b11b73293f3b80623342d94a58f0acc8c0c6edd957c6e248b12
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Wed, 15 Feb 2023 20:34:09 GMT
server
kittenx
etag
"63ed41c1-53c9"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
21449
expires
Sun, 26 Feb 2023 21:54:49 GMT
ui_common.0a29c544720bdcf89154.css
st6-21.vk.com/css/al/ Frame 7039
106 KB
15 KB
Stylesheet
General
Full URL
https://st6-21.vk.com/css/al/ui_common.0a29c544720bdcf89154.css
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
c17a81619e8e4f29e545389f3fd60a54c6deef2cdb398c0f9e40fee334f762a4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Tue, 14 Feb 2023 13:38:21 GMT
server
kittenx
etag
"63eb8ecd-39bf"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
14783
expires
Sun, 26 Feb 2023 21:54:49 GMT
base.1c25eeb7ac42cd36d08a.css
st6-21.vk.com/css/al/ Frame 7039
124 KB
19 KB
Stylesheet
General
Full URL
https://st6-21.vk.com/css/al/base.1c25eeb7ac42cd36d08a.css
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 Amsterdam, Netherlands, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
aaec2305eefd571037b150cba763d4fdba48f48d7797c7fb5843c6843b5b92ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
x-frontend
front6-21
strict-transport-security
max-age=15768000
last-modified
Wed, 08 Feb 2023 11:29:05 GMT
server
kittenx
etag
"63e38781-4b7d"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
19325
expires
Sun, 26 Feb 2023 21:54:49 GMT
79daf65498e6c477
techclips.net/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E168
2 B
684 B
XHR
General
Full URL
https://techclips.net/cdn-cgi/challenge-platform/h/g/cv/result/79daf65498e6c477
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79daf65498e6c477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYOTEPddaiY8pdPofzOIevhG2XB1BscJB7WQcH72SmnxfJ%2FhVjOA0cdaq7z3bWlqruSLU%2Feu5qe3%2FYg7Os3wjyQoCSUlTu04%2FR9LSb3Rf64KOo9cNy9wVHHtW3cU1FghDaoJijO1NiPj8Wr8"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79daf65f3dcb1a40-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=1,i=?0
pica.js
techclips.net/cdn-cgi/challenge-platform/h/g/scripts/ Frame E168
19 KB
8 KB
Other
General
Full URL
https://techclips.net/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006997f356b52ffa14cdb06e3ac87bf120065d5d746bc718c31e3ded5280c3e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LwdnoMH0INVpVkMSze6cVCMbp11w23%2FIQZss7wZO72K%2Bxj6brRrbceLqr%2BFG01rU5Kz4E%2FCiRw%2BdnhuEpTvgWAbYBAP4oNS0NUjsnz6OmqIaT9zeIUryO8nOn0hTW3AzMpW%2BZJoYLlE2iYZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79daf65f5e161a40-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=1,i=?0
79daf6544dd98ccd
gamerarcades.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame FA0B
2 B
671 B
XHR
General
Full URL
https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/cv/result/79daf6544dd98ccd
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677096000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UInZdVHtGIYVAPxDhGa5Sj5wUa7L10nkrihJjHdQozlydpgcgUAE9GG2c44wLMt%2BJxkjf7L0t7XE1QD6WF5kCN%2FtAJRf4XwVwvkYL2fox8LRbXTxsDxEtR3SMwwAD0XxdOJL58wFzO2WWko1hwLU"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79daf660c80c333c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hb.php
youradexchange.com/ut/ Frame F2D8
0
422 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.28507335912382326
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/ut.js?cb=1677102888295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gamerarcades.com/assets/ts1.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXnHIJ1GwU0VCDYzGGZM9tCLAv0CjB9aE7tKlICngREIIW7AC7Oy5SrV5FrbpsqAWjS9QP12dKc%2BKCuJASABYl%2BCI9hIf3qBJjysJyLaIO6x0cnEOWSBIDK0cHMRfWaEsL36DdWBpCCpBxQWb7HgCWw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79daf660cf90c354-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
t.dtscout.com/idg/ Frame 5CBA
1 KB
734 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=6D001677102888C1C47FE9D28DAA8BE3
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe5d8ca93536380431634c01c2ad5cd14eaa86b4bd8dd2905b380c72f043604

Request headers

Referer
https://sportsembed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79daf660eac5334e-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 21:54:49 GMT
expires
Wed, 22 Feb 2023 21:54:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMDAp0yGvEmA3tvIPXlriZsc2jTgwKqMhKZeC3qR7cHePOH1vNOlvUOB%2FLK9agoInKmYZGr4dfr7puQyfOHUjq5%2BRvRjcbryaWGYmE8O4h5wMW2GKtR2tFEHh76O6rgkcZWGCIYsNuy6Ga4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 290D
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-57.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:59:49 GMT
x-amz-version-id
ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
content-encoding
gzip
last-modified
Thu, 25 Aug 2022 14:07:06 GMT
server
AmazonS3
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
etag
W/"c722c8e06c3a9be75b009576c49f7792"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
age
39301
x-amz-cf-id
2xPYcan18_QZeejIb4zD0XMr3Y-HEpSW8GoirYbcZMALbyPWoHKcog==
dtscout
pd.sharethis.com/pd/ Frame 290D
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.58.43.146 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-43-146.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
7abd52d47abd6dbecc84de11e55f981c2cb49cd7a94fe70158618c12c61f8623
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2273
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 290D
51 B
392 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=sportsembed.su&_ss=5t1xtqllrb&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=3pap&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4734d0e6eb38b523c1014fc9112f16521d86dc539bea7e55ab73cf908dda646

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
x-t
0.133
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbvpxhw0ECxlBoD3DfPBzx6VRd%2Bggv7hLpWI7ZKyRz7tYlpfbqMRcdiyOI43A%2FlZpq%2FEFMH8eymnNFnrx7lrSzP8QhEfx0dJAuDTNoG7GV8sdcqCpssZDvJ9hd71jgi%2BZGKRY%2B8wJZfKlWY%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
79daf660eac8334e-EWR
expires
Wed, 22 Feb 2023 21:54:48 GMT
foundation.js
vyazd.com/script/ Frame 2C51
98 KB
35 KB
Script
General
Full URL
https://vyazd.com/script/foundation.js
Requested by
Host: g8400m3ybg8x3x.trustexploration.com
URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b8fb6c30974456ab768748246591a483af46679c00c6e154cfe5f5a99e2839

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2261
x-guploader-uploadid
ADPycdsMtZuMecrJnNu7huTozMOLZD7_tOVNLDGETAqvlYWbHycLGoNqIy0MasNSLRR7qMigydZPmZ4w5hK583qiRyNvprXTpkUz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 16 Feb 2023 09:26:38 GMT
server
cloudflare
etag
W/"2604bcade722ade53951502593ded70f"
vary
Accept-Encoding
x-goog-hash
crc32c=fOnjew==, md5=JgS8recireU5UVAlk97XDw==
x-goog-generation
1676539598782828
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUZKCXYu1EzWCseb5sgRx1T2CwxrVfRjq4a65oCOrskI2SP9AjBuRJIMMiX0wh%2F9D047PIsNyqwVY4XsKBwNoh%2BO6VK%2F%2BPRVIfKVVzcHZoLw%2BXQPfapHPW26yf%2FElhLpjo%2FWSnI%2FByw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100754
cf-ray
79daf6614e4fc352-EWR
expires
Wed, 22 Feb 2023 22:15:05 GMT
styles-4442d90.css
static.vkplay.live/css/ Frame 1FDE
343 KB
65 KB
Stylesheet
General
Full URL
https://static.vkplay.live/css/styles-4442d90.css?v=undefined
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
ab46be9ba674669216946ece68fbc7dad9b28a26a8158781564845f74d2835d4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
Last-Modified
Wed, 22 Feb 2023 19:10:49 GMT
Server
nginx
ETag
"63f668b9-10374"
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Content-Length
66420
Expires
Wed, 08 Mar 2023 21:54:49 GMT
d122622141
rs.mail.ru/ Frame 1FDE
43 B
451 B
Image
General
Full URL
https://rs.mail.ru/d122622141?rnd=0.25941802054056873
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:50 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
vendor-c3ffea9.js
static.vkplay.live/js/ Frame 1FDE
2 MB
701 KB
Script
General
Full URL
https://static.vkplay.live/js/vendor-c3ffea9.js?v=undefined
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
d7cf004e1c820b44d107da6603294749e7607ac337fbb00ee74618b6244580f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:10:49 GMT
Server
nginx
ETag
"63f668b9-af3cd"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Cache-Control
max-age=1209600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
717773
Expires
Wed, 08 Mar 2023 21:54:49 GMT
icons-afcd855.js
static.vkplay.live/js/ Frame 1FDE
530 KB
147 KB
Script
General
Full URL
https://static.vkplay.live/js/icons-afcd855.js?v=undefined
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
7ab859619b02eff70d6d36ef3ecb47a7cd86c01506b3886955c81d10d3f0c8b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:10:49 GMT
Server
nginx
ETag
"63f668b9-24964"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Cache-Control
max-age=1209600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
149860
Expires
Wed, 08 Mar 2023 21:54:49 GMT
app-a9fb29c.js
static.vkplay.live/js/ Frame 1FDE
1 MB
270 KB
Script
General
Full URL
https://static.vkplay.live/js/app-a9fb29c.js?v=undefined
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
9a4669e8b8a23cbf82b273d4a2b0fb4060aeb0753f5be7592d7fe2663163d0f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:10:49 GMT
Server
nginx
ETag
"63f668b9-435ef"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Cache-Control
max-age=1209600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
275951
Expires
Wed, 08 Mar 2023 21:54:49 GMT
js
www.googletagmanager.com/gtag/ Frame 1FDE
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-226909574-1
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
203788e58c2c9695c2f8400714ff25fbd8a730720323bb037b91330835e7780f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44160
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 21:54:49 GMT
hb.php
youradexchange.com/ut/ Frame DB8D
0
424 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.22965225930762245
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/ut.js?cb=1677102888361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techclips.net/clip/s1.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=955ApSSBfq7hseMSLBEd4fD%2FdVNOwqOgDIk6pULgNxD%2BuL9D%2BbYi27TZTPvleGzMYyEaGD4uDwpPSaIfVoDJsd5gcM%2B4UUFuZFmt0Car2LLjcB9Vv5mbvsf8qZcLwJTu1O5%2Bvl6s6EMO6IaEiRog3sQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79daf661990ac354-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ut.js
befirstcdn.com/script/ Frame 2C51
70 KB
24 KB
Script
General
Full URL
https://befirstcdn.com/script/ut.js?cb=1677102889246
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3231
x-guploader-uploadid
ADPycdtUSaqMVgKiWtXkQPFhyX8ChF3iPLLipvxspW2ZNPAnIc_fZmHTVbL30pxOPamCZO5WQVld83ciuqCDusPz0GgL-yL2oMIH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Jan 2023 10:13:06 GMT
server
cloudflare
etag
W/"32cbc0400462d7cfabd88795319e259b"
vary
Accept-Encoding
x-goog-hash
crc32c=WRmDUA==, md5=MsvAQARi18+r2IeVMZ4lmw==
x-goog-generation
1674555186374348
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
72138
cf-ray
79daf661dbc433ff-YUL
expires
Thu, 23 Feb 2023 01:54:49 GMT
event
awstats.cloud/api/ Frame 2C51
2 B
542 B
XHR
General
Full URL
https://awstats.cloud/api/event
Requested by
Host: awstats.cloud
URL: https://awstats.cloud/js/plausible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2e3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://g8400m3ybg8x3x.trustexploration.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACclcEmeT9J%2FZnOywirQl3myonHckbnvL%2FOOlmw2AlEh96TSElgattpBGcazQNToGX2IY7HcLKmOperRCF32Mu%2F%2BTLpOuGH0Q2IMgdl44hxGPSbjLUf%2B6QsvrYn%2B%2FHyA02yKrZTkMv65vl4X"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
79daf6622bde1879-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-request-id
F0ZEMU0VZvetCz8AecMC
suurl4.php
youradexchange.com/script/ Frame 2C51
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5954546&chmob=%3F0&cbur=0.8498904933111693&cbiframe=1&cbWidth=728&cbHeight=360&cbtitle=&cbpage=https%3A%2F%2Fsportsembed.su%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/foundation.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7f52d37fcb7d923282936d5e10003bd04747fb056110f61890f389a2394616

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsCMokRtZ5sQJYiUhQUszp9Z9kLBybek5w3JBUYAjW65p0Ffhvh7ZllrfGddRicofBP3xGav%2FJ1ksLHW1IQN6sxmz7uM6Gy5Ahielj35ZX7WV3j3CUIN1G2e2iCMlHB%2BqV6yYWt%2FWxbgkkariPeowCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
79daf6621d7bc344-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame 290D
52 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 15:20:14 GMT
content-encoding
gzip
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 18:30:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
23676
etag
W/"d92273856cbc8d3aad0c2259f9be9a68"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
hYgbKjMso8m4w4hl7FBXTbvinSH6M_G0GWmczMhyhShaJEcZz8RjfQ==
/
t.dtscdn.com/widget/ Frame 290D
0
602 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=6D001677102888C1C47FE9D28DAA8BE3&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
x-t
1.63
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcmXiZqxQSMOXgUK%2BJcvBth6aKGPh3d4VDO2eRxR8E1C%2BUKM57DrD5AtX6PychN%2FJ9ATc6qF0w5g238h8QHd%2FyOfGvNnHWYEnx%2BJsF4P2Aw2nW5mm246sNrWYVWQhp3M4nSSW97sICFVhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web14.ny1.dtscdn.com
cf-ray
79daf6629cf93931-IAD
expires
Wed, 22 Feb 2023 19:55:40 GMT
e
a.dtssrv.com/ Frame 290D
21 B
591 B
XHR
General
Full URL
https://a.dtssrv.com/e?i=6D001677102888C1C47FE9D28DAA8BE3
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4158f995b3fbc4314e18bc395e0faa38d2390c1bd0ed08efe086c73656b5178

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
cache
date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLpgU1NknodH%2BOdAM7%2FsbDDcb8sRitUgUxWwRgPyFeNqXeRyX170DQ2HtL%2F8BwTbmWFGYAJyMo5AemMcA37vmhGrUvnQwFIEO%2BNcDfjdB5YKDH4%2B%2FGMIej6s6qPh1RoztVUgdQ6t5twkQB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://sportsembed.su
cache-control
s-maxage=0
access-control-allow-credentials
true
cf-ray
79daf6627f031875-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 Feb 2023 23:54:49 GMT
5386
tags.bluekai.com/site/ Frame 290D
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001677102888C1C47FE9D28DAA8BE3
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e15fd23142b7d9a0fb64ddc0c0e1827c&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=5c0ea31a97299608
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
62 B
315 B
Image
General
Full URL
https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Server
173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 22 Feb 2023 21:54:51 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
221
t.dhj
t.sharethis.com/1/d/ Frame 290D
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.984268458538341&stid=ZGQABmP2jykAAAAIS%2BKSAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.106.226.133 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-106-226-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6a5c4a2b64918ed6d1e866896635ef6b166c94623e41249352a52e3e51b6bfc
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1361
Expires
Wed, 22 Feb 2023 22:54:49 GMT
dtscout
pd.sharethis.com/pd/ Frame 290D
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=&event_source=dtscout&rnd=0.984268458538341&exptid=ZGQABmP2jykAAAAIS%2BKSAw%3D%3D&fcmp=false
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.58.43.146 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-43-146.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
79daf6544dd98ccd
gamerarcades.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame FA0B
2 B
678 B
XHR
General
Full URL
https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/cv/result/79daf6544dd98ccd
Requested by
Host: gamerarcades.com
URL: https://gamerarcades.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677096000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtdxeRsWeXBvTG%2BQdrYdGcy3PXTDIPriIUq7QyCzGE4hQbKGJy3MVKIUTyB%2FoNnMADVHAnGKvmpXVffpnssS%2B40QC6PeJrWpZLzd4ijUS8DFR%2Bz9MiiJero6kMQu3dN%2FrJikPSYe6He6u6IRqe5I"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79daf663ce0d333c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
79daf65498e6c477
techclips.net/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E168
2 B
685 B
XHR
General
Full URL
https://techclips.net/cdn-cgi/challenge-platform/h/g/cv/result/79daf65498e6c477
Requested by
Host: techclips.net
URL: https://techclips.net/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79daf65498e6c477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bb52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BV%2BhxrFe2Nyk717LrVzl77Ok35RD4oBJY6SkM%2F8KLyHhWCvis3uwovmKen%2Fip5Xpcz7XMn5uXg1OZKVATxDxO5AiMuG026E9HXiElpmKwah8UZxGHj7MV%2BROjvzb59GlRqMQiHWDaoNIBoka"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79daf6654a5d1a40-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=1,i=?0
hb.php
youradexchange.com/ut/ Frame 2C51
0
424 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.0566345153801322
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/ut.js?cb=1677102889246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g8400m3ybg8x3x.trustexploration.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr81TzUju00dK3vHophVdbmLJCHm8CLoOszrFM2iYUNuX%2Fn2YQ9nocuzKnZ%2FwsGhNpcl31DxXzCWZoYu%2F%2BuAyGYk9SWPldgdGDjrUXjs6gvjRQ4qFGH3bkTvkwLAf3e04etewQ3pfm0VQAwptnYcTZ4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79daf6657f4dc354-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
onetag-geo.s-onetag.com/ Frame 290D
535 B
947 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-33.jfk51.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:08:59 GMT
via
1.1 bfc4676044fcc4c0c8e705c71ca51fea.cloudfront.net (CloudFront), 1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5, JFK51-C1
age
6350
x-amzn-requestid
ceeadbad-47de-4f3d-9d87-49cbdd4b0a93
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
AwduYE6tiYcF-Dw=
content-length
535
x-amz-cf-id
Z6K32f7Is0X_Wn5pyIoaAhktwKLx1G2HAb7GRf1_guAs_mCKSlwqnQ==
t_.htm
t.sharethis.com/a/ Frame 6755
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.984268458538341&stid=ZGQABmP2jykAAAAIS%2BKSAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.106.226.133 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-106-226-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://sportsembed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Wed, 22 Feb 2023 21:54:49 GMT
Expires
Wed, 01 Mar 2023 21:54:49 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.js
t.sharethis.com/1.1120.23353/a/CA/ Frame 4E53
20 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1120.23353/a/CA/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.106.226.133 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-106-226-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8748
Expires
Wed, 01 Mar 2023 21:54:49 GMT
code.js
top-fwz1.mail.ru/js/ Frame 1FDE
33 KB
15 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 11 Jan 2023 13:29:54 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"63beb9d2-85cc"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 22 Feb 2023 22:54:50 GMT
103801.js
1l-hit.vkplay.ru/v1/hit/ Frame 1FDE
424 B
988 B
Script
General
Full URL
https://1l-hit.vkplay.ru/v1/hit/103801.js?r=https%3A%2F%2Fonline.alkoora.live%2F&l=https%3A%2F%2Fvkplay.live%2Fapp%2Fembed%2Fkoravip&u=&rnd=0.8014090574623149
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.211.21.6 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aee88106629879e8cdeb03ae3a46eeb2ab3ed13d457cab18145c51ce231437b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Expires
Wed, 22 Feb 2023 21:54:49 GMT
analytics.js
www.google-analytics.com/ Frame 1FDE
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-226909574-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 20:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4045
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Feb 2023 22:47:24 GMT
test_oracle
pd.sharethis.com/pd/ Frame A1E0
438 B
675 B
Script
General
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.58.43.146 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-43-146.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
8701646c453c7104bd236024967ab23a2e37ad7e7009c19914eb1b3cf495bf7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 4E53
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/ttd?uid=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
HTTP/1.1
Server
13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-67-229.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGQABmP2jykAAAAIS+KSAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.sharethis.com/ttd?uid=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
215
nlsn
sync.sharethis.com/ Frame 4E53
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=1295b76c04aff354504933301651725f
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/nlsn?uid=1295b76c04aff354504933301651725f
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
HTTP/1.1
Server
13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-67-229.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGQABmP2jykAAAAIS+KSAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

date
Wed, 22 Feb 2023 21:54:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sync.sharethis.com/nlsn?uid=1295b76c04aff354504933301651725f
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
eyeota
sync.sharethis.com/ Frame 4E53
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2eNDdWpmbHTs4owzvffc9WUpSwCCdkn7ZtRJKQ7PXwUo&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/eyeota?uid=2eNDdWpmbHTs4owzvffc9WUpSwCCdkn7ZtRJKQ7PXwUo&gdpr=0&gdpr_consent=
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
HTTP/1.1
Server
13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-67-229.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGQABmP2jykAAAAIS+KSAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2eNDdWpmbHTs4owzvffc9WUpSwCCdkn7ZtRJKQ7PXwUo&gdpr=0&gdpr_consent=
Date
Wed, 22 Feb 2023 21:54:50 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame 4E53
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQABmP2jykAAAAIS%2BKSAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3633793719547723782
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMzc5MzcxOTU0NzcyMzc4MhAAGg0Iqp7anwYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=ef382c47d29094eef7dad2712efb05098a4155580eac6a088f042d0d038022e9f4cb09cee1a4f8eb&person_id=3633793719547723782&eid=50082
43 B
139 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=ef382c47d29094eef7dad2712efb05098a4155580eac6a088f042d0d038022e9f4cb09cee1a4f8eb&person_id=3633793719547723782&eid=50082
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
H2
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:49 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 23 Feb 2023 16:54:50 GMT

Redirect headers

date
Wed, 22 Feb 2023 21:54:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=ef382c47d29094eef7dad2712efb05098a4155580eac6a088f042d0d038022e9f4cb09cee1a4f8eb&person_id=3633793719547723782&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 4E53
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZGQABmP2jykAAAAIS%2BKSAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
HTTP/1.1
Server
13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-67-229.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGQABmP2jykAAAAIS+KSAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Wed, 22 Feb 2023 21:54:50 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
bk-coretag.js
tags.bkrtx.com/js/ Frame A1E0
51 KB
16 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.185.52 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-185-52.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 22 Feb 2023 21:54:50 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Wed, 01 Mar 2023 21:54:50 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 290D
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-21-123.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding
gzip
via
1.1 6c748592897536a14218f656977fbc38.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 21:36:00 GMT
last-modified
Mon, 30 Jan 2023 17:09:16 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
age
1131
etag
W/"b33b67ced6b706568683ecea83e198c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
Izis8UFKr5DkJCr0O60pFVtvBX4rMkUUSVLyt5jRyAhGCIsgRSltgQ==
2981
tags.bluekai.com/site/ Frame 6961
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGQABmP2jykAAAAIS%2BKSAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1120.23353%26cid%3Dc010%...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=QnBXdllDd005OVl3Q3dqTQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=QnBXdllDd005OVl3Q3dqTQ%3D%3D&google_tc=
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEAb0Htw9mmbB0R5Qafbq_zI&google_cver=1
62 B
315 B
Document
General
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEAb0Htw9mmbB0R5Qafbq_zI&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Wed, 22 Feb 2023 21:54:50 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 21:54:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEAb0Htw9mmbB0R5Qafbq_zI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
81-f6a9c9a.js
static.vkplay.live/js/ Frame 1FDE
502 KB
136 KB
Script
General
Full URL
https://static.vkplay.live/js/81-f6a9c9a.js
Requested by
Host: static.vkplay.live
URL: https://static.vkplay.live/js/app-a9fb29c.js?v=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
ff47ba810a35d3af552e8d81c2875fe23364723671ecf13b38f28a4c34dff3ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:10:49 GMT
Server
nginx
ETag
"63f668b9-21c71"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Cache-Control
max-age=1209600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
138353
Expires
Wed, 08 Mar 2023 21:54:50 GMT
v2
ap.lijit.com/readerinfo/ Frame 290D
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
462 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: sportsembed.su
URL: https://sportsembed.su/channels/hd/hd3.php
Protocol
HTTP/1.1
Server
23.92.190.74 Waxhaw, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
2aaecce6b1f5e8601c52c6e64655cc94ee8d094c8c11c235818c5fc8e7c589ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://sportsembed.su
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Wed, 22 Feb 2023 21:54:51 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://sportsembed.su
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
getVideoPreview
i.mycdn.me/ Frame 7039
14 KB
14 KB
Image
General
Full URL
https://i.mycdn.me/getVideoPreview?id=3681410484776&idx=15&type=39&tkn=paJUGvsiuM_lCMCBzkcwJP01xTc&fn=vid_x
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.156.158 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip158.156.mycdn.me
Software
apache /
Resource Hash
85d1656abd5d1a228b3d9f0f660d4c4a595f5185ea16d458ace88373b6911a78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
last-modified
Sat, 24 Dec 2022 21:54:52 GMT
server
apache
etag
"686897696a7c876b7e"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=100000000
accept-ranges
bytes
timing-allow-origin
*
content-length
14446
expires
Sun, 19 Nov 2023 21:54:52 GMT
truncated
/ Frame 7039
62 KB
62 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e

Request headers

Referer
Origin
https://vk.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
font/woff2
35d053fb74a91cc3aa6498043e8c4a09.78ed67208854c1de0ba0.js
vk.com/dist/ Frame 7039
276 KB
79 KB
Script
General
Full URL
https://vk.com/dist/35d053fb74a91cc3aa6498043e8c4a09.78ed67208854c1de0ba0.js?13b3e153fcc761bcdaa6
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
199d38f1f1253d6946e4057e76eb0e71fe8353858ce452b0035ec4444ea5cd93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
br
x-frontend
front225204
last-modified
Wed, 22 Feb 2023 07:32:51 GMT
server
kittenx
etag
"63f5c523-13a27"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
80423
expires
Sun, 26 Feb 2023 21:54:51 GMT
66ca193dea2abc977b93ba525d084995.4fb25c2851a1cebfe9fa.js
vk.com/dist/ Frame 7039
428 KB
101 KB
Script
General
Full URL
https://vk.com/dist/66ca193dea2abc977b93ba525d084995.4fb25c2851a1cebfe9fa.js?71d8ace1c082e6861517
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
3c15c82c2812855ffd2da618e8861273850a020c88e1b43e5de1ad95f1a76e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
br
x-frontend
front225204
last-modified
Fri, 17 Feb 2023 13:03:02 GMT
server
kittenx
etag
"63ef7b06-1941f"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
103455
expires
Sun, 26 Feb 2023 21:54:51 GMT
notifier.652f6b910fefa0986385.css
vk.com/dist/web/ Frame 7039
5 KB
1 KB
Stylesheet
General
Full URL
https://vk.com/dist/web/notifier.652f6b910fefa0986385.css?55a9454994b21537b02a7c0b491d2b71
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
33daa963a04f58768b91c0a6015cbf454a8916ab82c9c5911ad40a62257772bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
br
x-frontend
front225204
last-modified
Wed, 22 Feb 2023 10:49:40 GMT
server
kittenx
etag
"63f5f344-410"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
1040
expires
Sun, 26 Feb 2023 21:54:51 GMT
notifier.c5ae41d77c66a5e2266c.js
vk.com/dist/web/ Frame 7039
217 KB
47 KB
Script
General
Full URL
https://vk.com/dist/web/notifier.c5ae41d77c66a5e2266c.js?undefined
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
c7265ec09cf069d65d63ebe9dbc6e8fe4d86fd71b1c19ff26625925e7062c3a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
br
x-frontend
front225204
last-modified
Wed, 22 Feb 2023 11:42:27 GMT
server
kittenx
etag
"63f5ffa3-baa7"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
47783
expires
Sun, 26 Feb 2023 21:54:51 GMT
code.js
top-fwz1.mail.ru/js/ Frame 7039
33 KB
14 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 11 Jan 2023 13:29:54 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"63beb9d2-85cc"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 22 Feb 2023 22:54:51 GMT
counter
top-fwz1.mail.ru/ Frame 1FDE
43 B
958 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3252494;u=https%3A//vkplay.live/app/embed/koravip;r=https%3A//online.alkoora.live/;st=1677102889900;title=VK%20Play%20Live%20-%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D1%80%D0%B8%D0%B7%D0%BE%D0%BD%D1%82%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D0%B8%D0%BD%D0%B3%D0%B0;s=1600*1200;vp=728*390;touch=0;hds=1;frame=1;flash=;sid=5c5c892459ae457d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1677102891365%3A1677102891371%3A1%3Aa65a20fc5f78d5e9d1bb4a9541655ee7;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7131456083682464
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
counter
top-fwz1.mail.ru/ Frame 1FDE
43 B
957 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3247783;u=https%3A//vkplay.live/app/embed/koravip;r=https%3A//online.alkoora.live/;st=1677102889900;title=VK%20Play%20Live%20-%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D1%80%D0%B8%D0%B7%D0%BE%D0%BD%D1%82%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D0%B8%D0%BD%D0%B3%D0%B0;s=1600*1200;vp=728*390;touch=0;hds=1;frame=1;flash=;sid=5c5c892459ae457d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1677102891365%3A1677102891372%3A2%3Aa65a20fc5f78d5e9d1bb4a9541655ee7;opts=sec%2Cdl%2Cjst-gtag-ga;visible=true;_=0.7357514368624756
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
counter
top-fwz1.mail.ru/ Frame 1FDE
43 B
960 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3254134;u=https%3A//vkplay.live/app/embed/koravip;r=https%3A//online.alkoora.live/;st=1677102889900;title=VK%20Play%20Live%20-%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D1%80%D0%B8%D0%B7%D0%BE%D0%BD%D1%82%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D0%B8%D0%BD%D0%B3%D0%B0;s=1600*1200;vp=728*390;touch=0;hds=1;frame=1;flash=;sid=5c5c892459ae457d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1677102891365%3A1677102891375%3A3%3Aa65a20fc5f78d5e9d1bb4a9541655ee7;opts=sec%2Cdl%2Cjst-gtag-ga;visible=true;_=0.002271657049991216
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1FDE
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: static.vkplay.live
URL: https://static.vkplay.live/js/81-f6a9c9a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 21:54:51 GMT
preview
images.boosty.to/public_video_stream/15044926/ Frame 1FDE
77 KB
77 KB
Image
General
Full URL
https://images.boosty.to/public_video_stream/15044926/preview?change_time=1677102756
Requested by
Host: vkplay.live
URL: https://vkplay.live/app/embed/koravip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.74 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
founder.s.smailru.net
Software
nginx /
Resource Hash
90f3820c9ccaec95dd15b215712e7c7390c8d18e2bdfa00045e553bcfb5c472b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 22 Feb 2023 21:52:37 GMT
Server
nginx
Content-Type
image/jpeg
X-Host
filed8.my.mail.ru 0
Connection
keep-alive
Content-Length
78866
Expires
Wed, 08 Mar 2023 21:52:37 GMT
Inter-Regular.a7e06560e456e6b1d13f3a7139b2e179.woff2
static.vkplay.live/assets/fonts/ Frame 1FDE
87 KB
88 KB
Font
General
Full URL
https://static.vkplay.live/assets/fonts/Inter-Regular.a7e06560e456e6b1d13f3a7139b2e179.woff2
Requested by
Host: static.vkplay.live
URL: https://static.vkplay.live/css/styles-4442d90.css?v=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720

Request headers

Referer
https://static.vkplay.live/css/styles-4442d90.css?v=undefined
Origin
https://vkplay.live
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:51 GMT
Last-Modified
Wed, 22 Feb 2023 19:10:49 GMT
Server
nginx
ETag
"63f668b9-15c7c"
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
https://vkplay.live
Cache-Control
max-age=1209600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
89212
Expires
Wed, 08 Mar 2023 21:54:51 GMT
truncated
/ Frame 1FDE
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54904377d3525fc6e56818981cd551ba316b59b6bada30e757aa149528db5934

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1FDE
229 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d773234a98958ef87b81fdc8691cee0a736ea3f386cbc1ac9616147983a87ecf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1FDE
718 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f000ab2daaac8b34ee1968e1a9be24d6f5deb780c9597620e6ac8b1962456a90

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1FDE
184 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
963c84221b1e8f0fb3126cb9c9b44e9479a617dcbb558dedfc90a397ffb9ab34

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1FDE
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8fbf24d29c8463e47a11b352f55ca4c917db86640874e10d7df65b0b70d5492

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1FDE
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a17ac2824cdd29256511466ac5e5b1e6e69459a93f4b76ec7c8532faff2c4cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1FDE
634 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96ef84e1ead81ff19bfdc4e7d289a6f173cb2a39cdf220a60e80bd5a7d90669f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1FDE
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
Origin
https://vkplay.live
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1FDE
616 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ccb06534df4e968f10088a73b9ed6483be3bfc4d9bd4cb4643fc01ea2b2423

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame 290D
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://sportsembed.su/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Feb 2023 15:20:35 GMT
content-encoding
gzip
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
23657
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 05 Jan 2023 18:30:29 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-id
v4ANxefsDDXuCbnODQdiavs7mz8qwhliDimxg0Hl30OsMH4wvylrTw==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F331
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=86234
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-33.phl51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://sportsembed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Wed, 22 Feb 2023 21:54:51 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server
Apache-Coyote/1.1
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
x-amz-cf-id
FlTtfTOzYn6Lml_x6ebomKPIDL87oRniT_T9TgrQj5qrqQwsrcSt_w==
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
59074
i6.liadm.com/s/ Frame 290D
Redirect Chain
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=32229
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=32229&_li_chk=true&previous_uuid=294a3c0296684394a1f8cd93e492ca77
  • https://i6.liadm.com/s/59074?bidder_id=204553&rnd=32229&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
43 B
436 B
Image
General
Full URL
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=32229&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:baf3:573d:4b62:a404 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:51 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=32229&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
Date
Wed, 22 Feb 2023 21:54:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
db_sync
px.ads.linkedin.com/ Frame 290D
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GM4icSZHesOXP8QTTMWSmCyw&rand=66695&pu=
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GM4icSZHesOXP8QTTMWSmCyw&rand=66695&pu=&expected_cookie=f5449e41-3c42-4dfb-a982-a2f9a9a28f6b
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GM4icSZHesOXP8QTTMWSmCyw&rand=66695&pu=&expected_cookie=f5449e41-3c42-4dfb-a982-a2f9a9a28f6b
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 0FCE03F14E1A4420AD18AEA32DEF76ED Ref B: YMQ01EDGE0814 Ref C: 2023-02-22T21:54:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1UPIbrmCGmuLa+Rj0sg==

Redirect headers

date
Wed, 22 Feb 2023 21:54:51 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 92B4D102D3524FDFA2ED75B5F17E4F83 Ref B: YMQ01EDGE0814 Ref C: 2023-02-22T21:54:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=15697&puuid=GM4icSZHesOXP8QTTMWSmCyw&rand=66695&pu=&expected_cookie=f5449e41-3c42-4dfb-a982-a2f9a9a28f6b
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1UPIazcccCrQSDZRkww==
merge
ce.lijit.com/ Frame 290D
Redirect Chain
  • https://um.simpli.fi/lj_match?r=95304
  • https://ce.lijit.com/merge?pid=2&3pid=DFEED44931E741108CE6B124866ABAEA
43 B
679 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=DFEED44931E741108CE6B124866ABAEA
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 21:54:51 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 22 Feb 2023 21:54:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=DFEED44931E741108CE6B124866ABAEA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 21 Feb 2023 21:54:51 GMT
57333
i6.liadm.com/s/ Frame 290D
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=23055
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw&rnd=23055&_li_chk=true&previous_uuid=85304defa90747059eef930fb4dcf57c
  • https://i6.liadm.com/s/57333?bidder_id=204553&rnd=23055&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
43 B
436 B
Image
General
Full URL
https://i6.liadm.com/s/57333?bidder_id=204553&rnd=23055&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:baf3:573d:4b62:a404 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:51 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/57333?bidder_id=204553&rnd=23055&bidder_uuid=GM4icSZHesOXP8QTTMWSmCyw
Date
Wed, 22 Feb 2023 21:54:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 9EEA
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-57.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://sportsembed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
227996
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Mon, 20 Feb 2023 06:34:56 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-id
AmLtisPN1RgrkvlgGdDjrdqVwQLATX1Q1jdX_noOc7lX04eDlH4d8w==
x-amz-cf-pop
PHL50-C1
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
data
bcp.crwdcntrl.net/6/ Frame 290D
628 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
69d06960f2fbed40f78e7ea985acd285419ae6333fa35c0f85e11b66f6d6c3cb

Request headers

Referer
https://sportsembed.su/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://sportsembed.su
cache-control
no-cache
x-server
10.40.35.174
access-control-allow-credentials
true
content-length
628
expires
0
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 1FDE
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Wed, 22 Feb 2023 21:54:51 GMT
cast_sender.js
www.gstatic.com/eureka/clank/110/ Frame 1FDE
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/110/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14851
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 16:13:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:25:41 GMT
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 9EEA
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-57.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 10:38:39 GMT
x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
558973
etag
"145e495d0d92a3c8fd975bfe5485b72c"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
8g48fwXGhO7wFDJYCS2-VbRHxKsGIUmp6_ZfV_p999LDA4UQixe4gg==
counter
top-fwz1.mail.ru/ Frame 7039
43 B
873 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2685520;st=1677102891353;pid=0;s=1600*1200;vp=728*390;touch=0;hds=1;frame=1;flash=;sid=80c72033981f1dc4;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.2//4g/0/0/;lvid=1677102891639%3A1677102891641%3A1%3A4faa15d1ec3708e32e9178c44a968184;visible=true;_=0.2671142366856025
Requested by
Host: vk.com
URL: https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
merge
ce.lijit.com/ Frame 290D
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GM4icSZHesOXP8QTTMWSmCyw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GM4icSZHesOXP8QTTMWSmCyw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://ce.lijit.com/merge?pid=5001&3pid=198f51531bafa2ad3942e808c9801242
43 B
999 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=198f51531bafa2ad3942e808c9801242
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 21:54:51 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=198f51531bafa2ad3942e808c9801242
cache-control
no-cache
x-server
10.40.32.13
content-length
0
expires
0
pixel
ps.eyeota.net/ Frame 290D
807 B
1 KB
Script
General
Full URL
https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-8-37.compute-1.amazonaws.com
Software
/
Resource Hash
563bd9946cb40dd7e4eaa2647c5a06a7f8f298be754b945b3c4d3207f36de1b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Wed, 22 Feb 2023 21:54:51 GMT
Content-Length
807
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
a
a.dtssrv.com/ Frame 290D
0
467 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=6D001677102888C1C47FE9D28DAA8BE3&k=lotpano&v=0a5029ea344a41af15776f51523116d53938c97681f923a10bff087192b20fd5
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsportsembed.su%2Fchannels%2Fhd%2Fhd3.php&j=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:ca26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsQySo5m7fQP2e23TbnUrZEDesowIlUqCFYz6wduNjl6MISl1mzD%2F01p1qRigG6MWpqW0DThVSNzos8S1IqWKG5P%2BctJwEUjlmyw4WD4JOA%2BAsdpom5VtMwVb5fi4t4KG3YDjrwGH8sDUis%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
79daf6717ca91927-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 5657
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer
https://sportsembed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
23679
cache-control
max-age: 86400
content-encoding
gzip
content-type
text/html
date
Wed, 22 Feb 2023 15:20:13 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
x-amz-cf-id
CgTsGl32-Nq73oDo4HjGQzPmW_cEkLcGaTM3EpC6s0Rn6gjicAyZfA==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
match
ps.eyeota.net/ Frame 290D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjFOd0FNYWU2eUYxYkprX2hiMUstME1sdmw5TVg0Y1hnQmNHSzgxd014Zmc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEEXxLT6w3tUFsyzL1Cp8ID4&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEEXxLT6w3tUFsyzL1Cp8ID4&google_cver=1
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
HTTP/1.1
Server
3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-8-37.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 22 Feb 2023 21:54:51 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEEXxLT6w3tUFsyzL1Cp8ID4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/ Frame 290D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=a34459af-6a46-4292-a73a-6c6946667136&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=a34459af-6a46-4292-a73a-6c6946667136&bid=1e2n4ou
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
HTTP/1.1
Server
3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-8-37.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 22 Feb 2023 21:54:51 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=a34459af-6a46-4292-a73a-6c6946667136&bid=1e2n4ou
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
191
5386
tags.bluekai.com/site/ Frame 290D
Redirect Chain
  • https://tags.bluekai.com/site/29535?limit=1&id=2LWqBfDehMquF8nOOGv_QXaMhrDqhemn2rNb5qveWjoQ
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
62 B
315 B
Image
General
Full URL
https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H2
Server
173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 22 Feb 2023 21:54:52 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=a34459af-6a46-4292-a73a-6c6946667136&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
221
receive
pixel.tapad.com/idsync/ex/ Frame 290D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2iMmjKbKwxOXZPEibuZ1m49H2S3EB63T9s4IUDm8paJ4
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3081&partner_device_id=2iMmjKbKwxOXZPEibuZ1m49H2S3EB63T9s4IUDm8paJ4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0bd8987a-7773-490b-bb6d-b979e00ed1d3%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a34459af-6a46-4292-a73a-6c6946667136&ttd_puid=0bd8987a-7773-490b-bb6d-b979e00ed1d3%2C%2C
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a34459af-6a46-4292-a73a-6c6946667136&ttd_puid=0bd8987a-7773-490b-bb6d-b979e00ed1d3%2C%2C
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a34459af-6a46-4292-a73a-6c6946667136&ttd_puid=0bd8987a-7773-490b-bb6d-b979e00ed1d3%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
match
ps.eyeota.net/ Frame 290D
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7817812823529289462&newuser=1&referrer_pid=51md42u
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7817812823529289462&newuser=1&referrer_pid=51md42u
Requested by
Host: en.weakstreams.live
URL: https://en.weakstreams.live/p/leipzig-vs-manchester-city-weakstreams.html
Protocol
HTTP/1.1
Server
3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-8-37.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sportsembed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 22 Feb 2023 21:54:52 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7817812823529289462&newuser=1&referrer_pid=51md42u
pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixels
bcp.crwdcntrl.net/ Frame 0C09
4 KB
4 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9327df2b59dd68a06076042b43d1b90a339e660ca417923affbfcc7983c3f5ef

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
4013
content-type
text/html
date
Wed, 22 Feb 2023 21:54:51 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.42.14
m
cm.mgid.com/ Frame 0C09
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=198f51531bafa2ad3942e808c9801242
  • https://cm.mgid.com/m?c=198f51531bafa2ad3942e808c9801242&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
43 B
156 B
Image
General
Full URL
https://cm.mgid.com/m?c=198f51531bafa2ad3942e808c9801242&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
79daf6727ba7ca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://cm.mgid.com/m?c=198f51531bafa2ad3942e808c9801242&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
79daf6721acdca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
dcm
s.amazon-adsystem.com/ Frame 0C09
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=198f51531bafa2ad3942e808c9801242
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=198f51531bafa2ad3942e808c9801242&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=198f51531bafa2ad3942e808c9801242&dcc=t
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 21:54:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WNQ8M95KZ8PMD37Z4BNX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 21:54:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TCZD38622C5TB48CGTX3
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=198f51531bafa2ad3942e808c9801242&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9026057046332725502/gdpr=/ Frame 0C09
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1040
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9026057046332725502/gdpr=/gdpr_consent=
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9026057046332725502/gdpr=/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.40.145
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9026057046332725502/gdpr=/gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
qmap
sync.crwdcntrl.net/ Frame 0C09
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E3766EEF-2177-4960-9998-5CA08AF4D09B&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E3766EEF-2177-4960-9998-5CA08AF4D09B&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.34.250
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E3766EEF-2177-4960-9998-5CA08AF4D09B&gdpr=0
date
Wed, 22 Feb 2023 21:54:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a34459af-6a46-4292-a73a-6c6946667136/gdpr=0/ Frame 0C09
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a34459af-6a46-4292-a73a-6c6946667136/gdpr=0/gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a34459af-6a46-4292-a73a-6c6946667136/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.40.52
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a34459af-6a46-4292-a73a-6c6946667136/gdpr=0/gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
tpid=2629024e-16d1-4ae6-af57-2017f5cd6720
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 0C09
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=198f51531bafa2ad3942e808c9801242&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=198f51531bafa2ad3942e808c9801242&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2629024e-16d1-4ae6-af57-2017f5cd6720%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a34459af-6a46-4292-a73a-6c6946667136&ttd_puid=2629024e-16d1-4ae6-af57-2017f5cd6720%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2629024e-16d1-4ae6-af57-2017f5cd6720
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2629024e-16d1-4ae6-af57-2017f5cd6720
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.34.234
content-length
49
expires
0

Redirect headers

date
Wed, 22 Feb 2023 21:54:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2629024e-16d1-4ae6-af57-2017f5cd6720
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tpid=756a36c64ed0583cce0fef210b6fa841
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 0C09
Redirect Chain
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=756a36c64ed0583cce0fef210b6fa841
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=756a36c64ed0583cce0fef210b6fa841
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.65
content-length
49
expires
0

Redirect headers

date
Wed, 22 Feb 2023 21:54:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-length
142
x-xss-protection
1; mode=block
pragma
no-cache
to-dmp-sync
s1a-dmp-use1-aws.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=756a36c64ed0583cce0fef210b6fa841
access-control-allow-origin
*
cache-control
no-store
cf-ray
79daf67239475431-YYZ
expires
0
gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91379275860337797313989423024488539310/ Frame 0C09
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=198f51531bafa2ad3942e808c9801242&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=198f51531bafa2ad3942e808c9801242&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91379275860337797313989423024488539310/gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91379275860337797313989423024488539310/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.114
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-va6-1-v045-0fff71a4f.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5AWH8NLPQsw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91379275860337797313989423024488539310/gdpr=0
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame 0C09
0
543 B
Image
General
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:198f51531bafa2ad3942e808c9801242
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:51 GMT
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Arr-Disable-Session-Affinity
true
Content-Length
0
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
usermatch.gif
beacon.krxd.net/ Frame 0C09
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=198f51531bafa2ad3942e808c9801242
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.121.69 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-121-69.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by
beacon-n023-ash-prod.krxd.net
date
Wed, 22 Feb 2023 21:54:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=92 t=1677102892
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame 0C09
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=198f51531bafa2ad3942e808c9801242
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=198f51531bafa2ad3942e808c9801242
120 B
991 B
Image
General
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=198f51531bafa2ad3942e808c9801242
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
HTTP/1.1
Server
69.169.85.7 Woodbridge, United States, ASN29838 (AMC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 21:54:51 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/png
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
NY09
Content-Length
120
Expires
-1

Redirect headers

Date
Wed, 22 Feb 2023 21:54:51 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=198f51531bafa2ad3942e808c9801242
Access-Control-Allow-Origin
*
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control
private
X-Server
NY01
Content-Length
217
utsync.ashx
ml314.com/ Frame 0C09
43 B
63 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=198f51531bafa2ad3942e808c9801242&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:50 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Thu, 23 Feb 2023 16:54:51 GMT
qmap
sync.crwdcntrl.net/ Frame 0C09
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-682dba47-0962-41cb-77d8-baa651e6d379$ip$149.56.153.187&gdpr=0&gdpr_consent=
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-682dba47-0962-41cb-77d8-baa651e6d379$ip$149.56.153.187&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.179
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-682dba47-0962-41cb-77d8-baa651e6d379$ip$149.56.153.187&gdpr=0&gdpr_consent=
Date
Wed, 22 Feb 2023 21:54:51 GMT
Connection
keep-alive
Content-Length
168
Content-Type
text/html; charset=utf-8
qmap
sync.crwdcntrl.net/ Frame 0C09
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-Hc1VzfxE2pwijYozFwUTF.Mu0A2SQyeERPk-~A&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-Hc1VzfxE2pwijYozFwUTF.Mu0A2SQyeERPk-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.37.39
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-Hc1VzfxE2pwijYozFwUTF.Mu0A2SQyeERPk-~A&gdpr=0
date
Wed, 22 Feb 2023 21:54:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
qmap
sync.crwdcntrl.net/ Frame 0C09
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=287863f6-8f2c-4e00-bc15-d85beddae817&src=lot&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=287863f6-8f2c-4e00-bc15-d85beddae817&src=lot&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.32.254
content-length
49
expires
0

Redirect headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
Server
MT3 475 4bd2ccd master ord-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=287863f6-8f2c-4e00-bc15-d85beddae817&src=lot&gdpr=0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 22 Feb 2023 21:54:51 GMT
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3990cc86-23a1-40e9-a109-e49dda5664fd-63f68f2c-4341/ Frame 0C09
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3990cc86-23a1-40e9-a109-e49dda5664fd-63f68f2c-4341/gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3990cc86-23a1-40e9-a109-e49dda5664fd-63f68f2c-4341/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.46.171
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3990cc86-23a1-40e9-a109-e49dda5664fd-63f68f2c-4341/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
gdpr=0&_test=Y-aPLAAJIGbG1wAF
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y-aPLAAJIGbG1wAF/ Frame 0C09
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=Y-aPLAAJIGbG1wAF
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y-aPLAAJIGbG1wAF/gdpr=0&_test=Y-aPLAAJIGbG1wAF
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y-aPLAAJIGbG1wAF/gdpr=0&_test=Y-aPLAAJIGbG1wAF
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.137
content-length
49
expires
0

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677102892.062473,VS0,VE0
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y-aPLAAJIGbG1wAF/gdpr=0&_test=Y-aPLAAJIGbG1wAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0C09
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MTk4ZjUxNTMxYmFmYTJhZDM5NDJlODA4Yzk4MDEyNDI&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 0C09
62 B
315 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=39e356ca96550c1cfe2296bf6809d10c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 22 Feb 2023 21:54:51 GMT
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame 0C09
103 B
722 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-10.phl51.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
via
1.1 c0b8ad2b338051f9d0463eb8de3956ae.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL51-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
x-amz-cf-id
dqCyD2aQGaSJJWyx5RKhglTi4lvLZsRbCpBAxk32pD_zlcca_J31WQ==
expires
0
pixel
cm.g.doubleclick.net/ Frame 0C09
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=MTk4ZjUxNTMxYmFmYTJhZDM5NDJlODA4Yzk4MDEyNDI&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7889870417567217398/ Frame 0C09
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/198f51531bafa2ad3942e808c9801242/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7889870417567217398/gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7889870417567217398/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.140
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7889870417567217398/gdpr=0
pragma
no-cache
date
Wed, 22 Feb 2023 21:54:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=837892127
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8922027604203508338/gdpr=0/ Frame 0C09
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=837892127
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D837892127
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8922027604203508338/gdpr=0/rand=837892127
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8922027604203508338/gdpr=0/rand=837892127
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C153%2C145%2C136%2C116%2C106%2C104%2C94%2C92%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol
H2
Server
35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-226-14.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.80
content-length
49
expires
0

Redirect headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a203ea9f-a271-40e7-bf69-4d0e765e3f3c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8922027604203508338/gdpr=0/rand=837892127
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
api.vkplay.live/v1/stat/ClientInfo/ Frame 1FDE
17 B
538 B
XHR
General
Full URL
https://api.vkplay.live/v1/stat/ClientInfo/
Requested by
Host: static.vkplay.live
URL: https://static.vkplay.live/js/vendor-c3ffea9.js?v=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash
c0165c942db5d1d6bebdd4c050db13d84846ab84eb032d33761f486151bd5cab

Request headers

Accept
application/json, text/plain, */*
Referer
https://vkplay.live/app/embed/koravip
X-App
streams_web
X-From-Id
21714b8e-629f-49cc-8bb1-fee6e092c743
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vkplay.live
Access-Control-Expose-Headers
X-New-User
Cache-Control
no-cache, no-store, must-revalidate, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-App,X-From-Id,X-Referer,Authorization,X-Locale,X-Invite
Content-Length
17
/
api.vkplay.live/v1/stat/ClientInfo/ Frame
0
0
Preflight
General
Full URL
https://api.vkplay.live/v1/stat/ClientInfo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.163.217.75 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
vkplay.s.smailru.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-app,x-from-id
Access-Control-Request-Method
POST
Origin
https://vkplay.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type,X-App,X-From-Id,X-Referer,Authorization,X-Locale,X-Invite
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://vkplay.live
Access-Control-Expose-Headers
X-New-User
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Wed, 22 Feb 2023 21:54:52 GMT
Server
nginx
eujjnbvtnml.m3u8
q6wfjsqg9yt6w93r.cdnexpress11.net/hls/ Frame 2C51
1 KB
2 KB
XHR
General
Full URL
https://q6wfjsqg9yt6w93r.cdnexpress11.net:8443/hls/eujjnbvtnml.m3u8?s=dgEQ0I0tn6waB6yhVMe54Q&e=1677124488
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.33 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
299eec3d50a0956c8c2b7821c14b97aab5b4dbf62c3da3894b5a5b0b80a4b60b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
Last-Modified
Wed, 22 Feb 2023 21:54:25 GMT
Server
nginx/1.18.0
ETag
"63f68f11-524"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
1316
videoplayer.4cab4b6c0e12baa9e937.css
vk.com/css/al/ Frame 7039
218 KB
36 KB
Stylesheet
General
Full URL
https://vk.com/css/al/videoplayer.4cab4b6c0e12baa9e937.css?undefined
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
c4dfefb3d3e98a5dff08c38f94d1dad9fab79fc0cbe17deee35a7789f5595673

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
content-encoding
br
x-frontend
front225204
last-modified
Thu, 16 Feb 2023 08:58:12 GMT
server
kittenx
etag
"63edf024-8d65"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
36197
expires
Sun, 26 Feb 2023 21:54:52 GMT
62895bf9d6c50bf261cace688a997be8.1a78740419af2fdbb655.js
vk.com/dist/ Frame 7039
297 KB
74 KB
Script
General
Full URL
https://vk.com/dist/62895bf9d6c50bf261cace688a997be8.1a78740419af2fdbb655.js
Requested by
Host: st6-21.vk.com
URL: https://st6-21.vk.com/dist/web/videoview.8b3fc5ee2506fe2b0f50.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
8b5cf25bb367875da02a558787dc8c02890f36fb6501005b2cf82d2209df6cb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
content-encoding
br
x-frontend
front225204
last-modified
Thu, 16 Feb 2023 09:04:47 GMT
server
kittenx
etag
"63edf1af-12666"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
75366
expires
Sun, 26 Feb 2023 21:54:52 GMT
videoplayer_v2.24ea2934f4f5e44a9e82.js
vk.com/dist/ Frame 7039
289 KB
72 KB
Script
General
Full URL
https://vk.com/dist/videoplayer_v2.24ea2934f4f5e44a9e82.js
Requested by
Host: st6-21.vk.com
URL: https://st6-21.vk.com/dist/web/videoview.8b3fc5ee2506fe2b0f50.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
74f1c3f3f6afb4591e0985e5ceb013c37e11a3d20b268d22259df5ea85ff182b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
content-encoding
br
x-frontend
front225204
last-modified
Wed, 22 Feb 2023 12:10:34 GMT
server
kittenx
etag
"63f6063a-11f0b"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
73483
expires
Sun, 26 Feb 2023 21:54:52 GMT
tracker
top-fwz1.mail.ru/ Frame 1FDE
43 B
874 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3252494;u=https%3A//vkplay.live/app/embed/koravip;r=https%3A//online.alkoora.live/;st=1677102889900;title=VK%20Play%20Live%20-%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D1%80%D0%B8%D0%B7%D0%BE%D0%BD%D1%82%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D0%B8%D0%BD%D0%B3%D0%B0;s=1600*1200;vp=728*390;touch=0;hds=1;frame=1;flash=;sid=5c5c892459ae457d;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1677102887739/////1/508/508/508/779/641/779/1104/1107/1425/2161/3122/3122/4696/4697/;ni=10//4g/0/0/;lvid=1677102891365%3A1677102892437%3A4%3Aa65a20fc5f78d5e9d1bb4a9541655ee7;opts=dl%2Cjst-gtag-ga;visible=true;_=0.20154157907184755;e=RT/load;et=1677102892436
Requested by
Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/on-time-sport-1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
tracker
top-fwz1.mail.ru/ Frame 1FDE
43 B
874 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3247783;u=https%3A//vkplay.live/app/embed/koravip;r=https%3A//online.alkoora.live/;st=1677102889900;title=VK%20Play%20Live%20-%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D1%80%D0%B8%D0%B7%D0%BE%D0%BD%D1%82%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D0%B8%D0%BD%D0%B3%D0%B0;s=1600*1200;vp=728*390;touch=0;hds=1;frame=1;flash=;sid=5c5c892459ae457d;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1677102887739/////1/508/508/508/779/641/779/1104/1107/1425/2161/3122/3122/4696/4697/;ni=10//4g/0/0/;lvid=1677102891365%3A1677102892437%3A5%3Aa65a20fc5f78d5e9d1bb4a9541655ee7;opts=sec%2Cdl%2Cjst-gtag-ga;visible=true;_=0.4034825463138494;e=RT/load;et=1677102892436
Requested by
Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/on-time-sport-1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
tracker
top-fwz1.mail.ru/ Frame 1FDE
43 B
875 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3254134;u=https%3A//vkplay.live/app/embed/koravip;r=https%3A//online.alkoora.live/;st=1677102889900;title=VK%20Play%20Live%20-%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D1%80%D0%B8%D0%B7%D0%BE%D0%BD%D1%82%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D0%B8%D0%BD%D0%B3%D0%B0;s=1600*1200;vp=728*390;touch=0;hds=1;frame=1;flash=;sid=5c5c892459ae457d;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1677102887739/////1/508/508/508/779/641/779/1104/1107/1425/2161/3122/3122/4696/4697/;ni=10//4g/0/0/;lvid=1677102891365%3A1677102892438%3A6%3Aa65a20fc5f78d5e9d1bb4a9541655ee7;opts=sec%2Cdl%2Cjst-gtag-ga;visible=true;_=0.049900958677215224;e=RT/load;et=1677102892436
Requested by
Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/on-time-sport-1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vkplay.live/app/embed/koravip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
eujjnbvtnml.m3u8
q6wfjsqg9yt6w93r.cdnexpress11.net/hls/ Frame 2C51
1 KB
2 KB
XHR
General
Full URL
https://q6wfjsqg9yt6w93r.cdnexpress11.net:8443/hls/eujjnbvtnml.m3u8?s=dgEQ0I0tn6waB6yhVMe54Q&e=1677124488
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.33 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
299eec3d50a0956c8c2b7821c14b97aab5b4dbf62c3da3894b5a5b0b80a4b60b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
Last-Modified
Wed, 22 Feb 2023 21:54:25 GMT
Server
nginx/1.18.0
ETag
"63f68f11-524"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
1316
ab10f614-dbef-47d3-8dc6-f2ac5c6634ca
https://g8400m3ybg8x3x.trustexploration.com/ Frame 2C51
61 KB
0
Other
General
Full URL
blob:https://g8400m3ybg8x3x.trustexploration.com/ab10f614-dbef-47d3-8dc6-f2ac5c6634ca
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
eujjnbvtnml-922461570.ts
q6wfjsqg9yt6w93r.cdnexpress11.net/hls/ Frame 2C51
6 MB
6 MB
XHR
General
Full URL
https://q6wfjsqg9yt6w93r.cdnexpress11.net:8443/hls/eujjnbvtnml-922461570.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.33 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7149b16d81001df53a4ff28f7abf16bcc01bd3fa2794a410223a5dfe749d804f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
Last-Modified
Wed, 22 Feb 2023 21:53:35 GMT
Server
nginx/1.18.0
ETag
"63f68edf-5b6bcc"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
5991372
eujjnbvtnml-926965170.ts
q6wfjsqg9yt6w93r.cdnexpress11.net/hls/ Frame 2C51
8 MB
8 MB
XHR
General
Full URL
https://q6wfjsqg9yt6w93r.cdnexpress11.net:8443/hls/eujjnbvtnml-926965170.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.33 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g8400m3ybg8x3x.trustexploration.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 21:54:52 GMT
Last-Modified
Wed, 22 Feb 2023 21:54:25 GMT
Server
nginx/1.18.0
ETag
"63f68f11-80c1b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
8438192
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 7039
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: vk.com
URL: https://vk.com/dist/62895bf9d6c50bf261cace688a997be8.1a78740419af2fdbb655.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 21:54:52 GMT
truncated
/ Frame 7039
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
Origin
https://vk.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
fb.do
api.mycdn.me/ Frame 7039
248 B
589 B
Fetch
General
Full URL
https://api.mycdn.me/fb.do
Requested by
Host: vk.com
URL: https://vk.com/dist/videoplayer_v2.24ea2934f4f5e44a9e82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.147.23 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip23.147.odnoklassniki.ru
Software
apache /
Resource Hash
d8c5bac3437c1cd775e242468c37c69a7f417b6d4bdb2f4c0514925d586aebff
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://vk.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:53 GMT
strict-transport-security
max-age=16000000;includeSubdomains
x-content-type-options
nosniff
server
apache
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vk.com
content-language
en-CA
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type, X-OK-Proxy
content-length
248
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 7039
440 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20ed81dce61ec051d4163c3e7f6ddb7ccd3068015eb9aaf0b0482fac5a014fb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
podcast_icon_2x.png
vk.com/images/video/ Frame 7039
7 KB
7 KB
Image
General
Full URL
https://vk.com/images/video/podcast_icon_2x.png
Requested by
Host: vk.com
URL: https://vk.com/css/al/videoplayer.4cab4b6c0e12baa9e937.css?undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
ff1a155bdc61dd10d5dc44cd437b43cc3c14cf151b0c2b6d89983c9f592bbe06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/css/al/videoplayer.4cab4b6c0e12baa9e937.css?undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
last-modified
Wed, 17 Nov 2021 11:33:25 GMT
server
kittenx
etag
"6194e885-1c79"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
7289
expires
Wed, 01 Mar 2023 21:54:52 GMT
truncated
/ Frame 7039
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47a028c8b0423baa47585c9adde67229c7228395b7c28611216e15c320d17f73

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 7039
746 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ca527d817d285c7c10ae207f4401004c6dc84e01c98e8e71d04e2d9539436da

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 7039
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
faaef63028a05e198e646a54440e6700eda7c37229fd910f4c041fffcf6b6b84

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 7039
62 KB
62 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5efafd26d85f9d6c3340aa7b81aff0a4d9fe27d8f9ec9885565afb9fa2097d91

Request headers

Referer
Origin
https://vk.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
font/woff2
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 7039
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Wed, 22 Feb 2023 21:54:52 GMT
cast_sender.js
www.gstatic.com/eureka/clank/110/ Frame 7039
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/110/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14851
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 16:13:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:25:41 GMT
abc_light.5b3dc4c432352991578e.js
vk.com/dist/web/ Frame 7039
54 KB
12 KB
Script
General
Full URL
https://vk.com/dist/web/abc_light.5b3dc4c432352991578e.js?e3414cc50d48839d06ebf0871e64d80a
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
277d9360d91644e6a03244ed73000a5331f1daba5999acd57b787e7481f6073c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
content-encoding
br
x-frontend
front225204
last-modified
Mon, 13 Feb 2023 20:28:19 GMT
server
kittenx
etag
"63ea9d63-30b3"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
12467
expires
Sun, 26 Feb 2023 21:54:52 GMT
al_video.php
vk.com/ Frame 7039
210 B
682 B
XHR
General
Full URL
https://vk.com/al_video.php?act=player_error_stat
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113366
Resource Hash
b3ae08509d0f9d1142838a568c7d7a536f703c30049dd5f58e849b844e094286
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 21:54:52 GMT
content-encoding
gzip
x-frontend
front225204
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113366
content-type
application/json; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
187
a.gif
t.sharethis.com/d/ Frame 4E53
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGQABmP2jykAAAAIS%252BKSAw%253D%253D&tt=t.dhj&dhjLcy=1677102889826&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1120.23353&ell=d&cck=__stid&dmn=sportsembed.su&pn=%2Fchannels%2Fhd%2Fhd3.php&qs=na&cc=CA&cont=NA&evid=3uzH7ZYAlLTbg6l-I-Vy&urls=!1!328!b-13j,!1!397!b-13h,!1!397!b-14s,!1!0!b-14t,!1!1203!b-150,!1!391!b-16f&rnd=1677102892926&cid=c010&version=1.1120.23353&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=36
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.106.226.133 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-106-226-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 21:54:52 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Wed, 22 Feb 2023 21:54:52 GMT
loader_nav3395164_3.js
vk.com/js/ Frame 7039
257 KB
54 KB
Script
General
Full URL
https://vk.com/js/loader_nav3395164_3.js
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113366
Resource Hash
94c8b5f66306cfb8de675d7dcc50acab77b3bea9e579ef97cc80f3fe9573a532
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:53 GMT
content-encoding
gzip
x-frontend
front225204
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113366
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
55293
common.fec9caf3655bc5464902.css
vk.com/css/al/ Frame 7039
417 KB
57 KB
Stylesheet
General
Full URL
https://vk.com/css/al/common.fec9caf3655bc5464902.css?undefined
Requested by
Host: vk.com
URL: https://vk.com/js/al/lite.js?107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
e3fcda652b8109742f424e0f8aec0b077b175f2ac5af6646570216ca8fff44a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vk.com/video_ext.php?oid=768106792&id=456239018&hash=e76e678eafc4c691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:54:53 GMT
content-encoding
br
x-frontend
front225204
last-modified
Wed, 22 Feb 2023 15:59:24 GMT
server
kittenx
etag
"63f63bdc-e1b8"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
57784
expires
Sun, 26 Feb 2023 21:54:53 GMT
/
swarm.video/stats/ Frame 2C51
424 B
765 B
XHR
General
Full URL
https://swarm.video/stats/
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
39b2638b20c43a136b8b1d31c7830c6fce9c3e7eabd9598f32e4e031bf35660f

Request headers

Accept
application/json, text/plain, */*
Referer
https://g8400m3ybg8x3x.trustexploration.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 21:54:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1a8-XFIgp8da+6j4jCQyI8iARm6mhKU"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjiKH9Q8kq0tJPHafkA%2B9VOVpsC6yVnmovIYivmttpMetsM1zWyoEb%2BX3vR27PpO83DDMecsJzjpMKiKF90juZwnFhG8D799wFLUapUdCM%2FPZl%2FjqnUzyIHsiDoC9xiGBkDoyXsOKu2XQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
79daf6820e9019d7-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
swarm.video/stats/ Frame
0
0
Preflight
General
Full URL
https://swarm.video/stats/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://g8400m3ybg8x3x.trustexploration.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79daf6815d6f19d7-EWR
content-length
0
date
Wed, 22 Feb 2023 21:54:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZD%2B9fjIhjzkqtqlNYvYGcJ59lnaFQsJ7Z%2FsBUBnJyA%2F%2BjffGMAS0SFHs3Lpj5tE1xWyX7EXaxJ3KFaCBYqOl9WKoKJth8w%2FRiN2Q%2B%2B7ZR46czf%2BnTqI2clFev0fgGF37kQJcK9t5D5H9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
x-powered-by
Express
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 2C51
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://g8400m3ybg8x3x.trustexploration.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:16:47 GMT
x-content-type-options
nosniff
age
38287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 11:16:47 GMT
fb.do
api.mycdn.me/ Frame 1FDE
248 B
592 B
Fetch
General
Full URL
https://api.mycdn.me/fb.do
Requested by
Host: static.vkplay.live
URL: https://static.vkplay.live/js/81-f6a9c9a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.147.23 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip23.147.odnoklassniki.ru
Software
apache /
Resource Hash
27b53a8b9b99f95f9030a9cf78576d6f48a4f9b06f3a708daf6af4cf40de289f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://vkplay.live/app/embed/koravip
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:55 GMT
strict-transport-security
max-age=16000000;includeSubdomains
x-content-type-options
nosniff
server
apache
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vkplay.live
content-language
en-CA
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type, X-OK-Proxy
content-length
248
expires
Thu, 01 Jan 1970 00:00:00 GMT
fb.do
api.mycdn.me/ Frame 7039
0
0
Fetch
General
Full URL
https://api.mycdn.me/fb.do
Requested by
Host: vk.com
URL: https://vk.com/dist/videoplayer_v2.24ea2934f4f5e44a9e82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.147.23 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip23.147.odnoklassniki.ru
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://vk.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 21:54:56 GMT
strict-transport-security
max-age=16000000;includeSubdomains
x-content-type-options
nosniff
server
apache
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vk.com
content-language
en-CA
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type, X-OK-Proxy
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cup.yalla-shoot.video
URL
https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Domain
online.alkoora.live
URL
https://online.alkoora.live/albaplayer/on-time-sport-1/

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| oncontentvisibilityautostatechange object| FB string| noThumbnail function| uhd object| exportify function| $ function| jQuery function| Cookies function| shortCodeIfy function| msgError function| beforeLoader function| getFeedUrl function| getPostLink function| MM function| getPostTitle function| getPostTag function| getPostAuthor function| getPostDate function| getPostMeta function| getFirstImage function| getPostImage function| getPostImageType function| getPostSummary function| getPostComments function| getAjax function| ajaxWidget function| ajaxRelated function| disqusComments function| beautiAvatar function| fixedSidebarIfy function| ajaxMega function| ajaxTicker function| ajaxFeatured function| ajaxBlock boolean| fixedMenu string| viewAllText boolean| darkMode boolean| userDarkMode function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| zfgstorage object| q47b9ocu6et object| zfgformats function| onClickTrigger boolean| zfgloadedpopup boolean| fixedSidebar object| __buffer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint

81 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxDAFA
g8400m3ybg8x3x.trustexploration.com/ Name: hf3
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1677102888
.dtscout.com/ Name: l
Value: 6D001677102888C1C47FE9D28DAA8BE3
.vk.com/ Name: remixlang
Value: 3
.vk.com/ Name: remixstlid
Value: 9078646813024358944_yuAf0Y2W8OzfioXhTw2BnZHeeOyzv2LoxxBWH0hs590
.vk.com/ Name: remixstid
Value: 1263509830_XhBZMIfR5jLp4f9w2uFnQVTxVlQLKHhrKyXdsFidsPT
.sharethis.com/ Name: __stid
Value: ZGQABmP2jykAAAAIS+KSAw==
.sharethis.com/ Name: __stidv
Value: 2
.dtscdn.com/ Name: uid
Value: 6D001677102888C1C47FE9D28DAA8BE3
.onaudience.com/ Name: cookie
Value: 9d8f94d9eca4cc74
.onaudience.com/ Name: done_redirects161
Value: 1
.gamerarcades.com/ Name: __cf_bm
Value: cRCsvuPBLbkvaPYerXYbu.Wv2ln.lUiv86SivOX_eEM-1677102889-0-ASuZ6s9OAO8EJG7hRLQei6kQ+Lzu9BYecyTmuv+hPFdFqe9wbkWXskZ6B8Pp+xu8rL0QVkQNSqKXShRVorpmfgVzFmjHyJAFABiIVNP5rtRWjbm5gEU5TMtsqIVRx0QUKSq9YvZN7I10Y6i8e7Nxr6c=
.techclips.net/ Name: __cf_bm
Value: bAtj_2.n7EKxYy5vdR45xqAKPQ7bc34vr_neOvIYNPY-1677102889-0-AcJ6shoDjD9LoNap5bxuePzPrLgfTfkWkc1yT5iqvWiEcHTMlkt5tXXe8mEwtOGzs3ABTH4sRY0KM6YWZ5TL3YrJd0XxxJ5zzh0OLroqSBKWQwSPJRyfKFpTv6SOmQPINveRPw9fqJr7H8lmQcX+P1M=
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1677102889925
.adsrvr.org/ Name: TDID
Value: a34459af-6a46-4292-a73a-6c6946667136
.eyeota.net/ Name: mako_uid
Value: 1867b1f3c2f-76d70000010a4322
.eyeota.net/ Name: SERVERID
Value: 17186~DM
.exelator.com/ Name: EE
Value: "1295b76c04aff354504933301651725f"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHQyNI0ydws2cAkMS3N2NTE1MDE0tjY2MDQzNTQ3Mg0bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYEl%252BUWb6ImfHxUUpaQyLSopPBR%252B2nQAAQDEo9g%253D%253D"
.onaudience.com/ Name: done_redirects109
Value: 1
.ml314.com/ Name: pi
Value: 3633793719547723782
.mail.ru/ Name: p
Value: 7lQAADwQvZcA
.bluekai.com/ Name: bku
Value: +rQ99Y3w2ZmumQGv
.rlcdn.com/ Name: rlas3
Value: 63epoYvfA8I+oAAJAHURR1c5Y3jFbp61fqM/jL30gOQ=
.rlcdn.com/ Name: pxrc
Value: CKqe2p8GEgUI6AcQABIFCNtOEAA=
.vkplay.ru/ Name: mr1lad
Value: 63f68f2a1d976552-100-100-
.doubleclick.net/ Name: IDE
Value: AHWqTUmK7DX-qx3EflC3MuUgjCUYr6GAABRZQK3-civjryqny4Ptc8nGxleUanvo_Ag
.lijit.com/ Name: ljt_reader
Value: GM4icSZHesOXP8QTTMWSmCyw
.vkplay.live/ Name: mr1lad
Value: 63f68f2a1d976552-100-100-
.simpli.fi/ Name: suid
Value: DFEED44931E741108CE6B124866ABAEA
.linkedin.com/ Name: li_sugr
Value: f5449e41-3c42-4dfb-a982-a2f9a9a28f6b
.linkedin.com/ Name: bcookie
Value: "v=2&787a9b42-9e38-4420-8501-7f2dd47adf43"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2803:u=1:x=1:i=1677102891:t=1677189291:v=2:sig=AQFaSn82sqcVYHKvQg5c_0MN9oZl7OID"
.liadm.com/ Name: lidid
Value: 85304def-a907-4705-9eef-930fb4dcf57c
.lijit.com/ Name: _ljtrtb_2
Value: DFEED44931E741108CE6B124866ABAEA
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 198f51531bafa2ad3942e808c9801242
.intentiq.com/ Name: IQver
Value: 1.9
.lijit.com/ Name: ljtrtb
Value: eJyrVjJSslJycXN1dTExsTQ2dDU3MTQ0sHB2NXMyNDKxMDNzdHJ0dVSqBQC7CwlJ
.lijit.com/ Name: _ljtrtb_5001
Value: 198f51531bafa2ad3942e808c9801242
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 9026057046332725502
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: 0f0rtmdebr0a1eqh3kyeqhsj
.mgid.com/ Name: muidn
Value: n1mPhw8dj2Sd
.mgid.com/ Name: __cf_bm
Value: XG0Dy0h_ASzmyKFeZZpnE8dzZYnZb7loLaJnxXUceKE-1677102891-0-AX/VmqcjG9ONd8kpOLBs47PNj2H1df+2SgWmwWYNWZb5CCmh7mqgc0AZHdpDkdcPbISFijxYNqnfAO7uAWdGELs=
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.truoptik.com/ Name: to_master_s
Value: 756a36c64ed0583cce0fef210b6fa841
.truoptik.com/ Name: to_version_s
Value: b2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E3766EEF-2177-4960-9998-5CA08AF4D09B
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHYmx1ZWthaRILCJiggcquyso7EAUSFAoFdGFwYWQSCwjSu_XTrsrKOxAFGAEgASgCMgsI0rP4gMXKyjsQBTgBWgV0YXBhZGAC
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1293
cm.mgid.com/ Name: mg_sync
Value: {}
.amazon-adsystem.com/ Name: ad-id
Value: Azeaj5Zxn09QiYhEL2t96sM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_TS
Value: 1677102891841
.tapad.com/ Name: TapAd_DID
Value: 2629024e-16d1-4ae6-af57-2017f5cd6720
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-682dba47-0962-41cb-77d8-baa651e6d379.CHPgOb0AlCqToS8v%2B6MeqA82dRVYsJcM6Rz39IVQ30I
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaC26RwliQct32LqmUebTeZU4mbs.c7XC%2FnHgm5Wa%2Baia36zkHcqPTMJsWmeV7mO1yALSNBQ
.demdex.net/ Name: demdex
Value: 91379275860337797313989423024488539310
.yahoo.com/ Name: A3
Value: d=AQABBCuP9mMCEChiBsHUFU8F0S4ArdMDnxkFEgEBAQHg92MAZAAAAAAA_eMAAA&S=AQAAAnuWRv1CYMELgmc-QKKKufA
.dpm.demdex.net/ Name: dpm
Value: 91379275860337797313989423024488539310
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y-aPLAAJIGbG1wAF
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: 4ztlhqduzfkyeekayfws2shk
.ib.mookie1.com/ Name: ibkukiuno
Value: s=2792f893-8a9a-47e7-8be9-708b7bfe9f05&h=&v=1077039061&l=-8585245039934498550&op=&hl=0&vlu=3&tcs=1&dcc=-8585245039934498550
.ib.mookie1.com/ Name: ibkukinet
Value: 2503514555=-8585245039934498550
.c.cintnetworks.com/ Name: TiPMix
Value: 91.81442724166664
.c.cintnetworks.com/ Name: x-ms-routing-name
Value: self
.sitescout.com/ Name: ssi
Value: 3990cc86-23a1-40e9-a109-e49dda5664fd#1677102892050
.adnxs.com/ Name: uuid2
Value: 8922027604203508338
.krxd.net/ Name: _kuid_
Value: PZUHvF0Q
.agkn.com/ Name: ab
Value: 0001%3AB%2F1U6YyQVO0FaXlCF1ak7XS4hM8ZMZgP
.mathtag.com/ Name: uuid
Value: 287863f6-8f2c-4e00-bc15-d85beddae817
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNjc3MTAyODkyMDg3fQ
.turn.com/ Name: uid
Value: 7817812823529289462
.analytics.yahoo.com/ Name: IDSYNC
Value: 19bk~2a59
.mail.ru/ Name: VID
Value: 01KwvH2eRGIF00000p1cP4IF:::0-0-0-910e7eb:CAASENHDmGreEFjdVPiycYTnFLgaYE3WhMVXYqW7woanJOmecYJW3NqFuYbsnUjEw9Vl2-h9YAzvJZrXTLEt8T82Ifl5_ai7wSapa5xcy8VpRhGLSSk1VQ1VZljKBwKB3uezDbpB1yMG5kqYkQ05cNz2A-XLwA
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 54

2 Console Messages

Source Level URL
Text
other warning URL: https://stad.yalla-shoot.io/sa/c1.php(Line 33)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
rendering warning URL: https://g8400m3ybg8x3x.trustexploration.com/embed/eujjnbvtnml(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1l-hit.vkplay.ru
a.dtssrv.com
aa.agkn.com
ap.lijit.com
api.intentiq.com
api.mycdn.me
api.vkplay.live
awstats.cloud
bcp.crwdcntrl.net
beacon.krxd.net
bedrapiona.com
befirstcdn.com
blogger.googleusercontent.com
c.cintnetworks.com
c1.adform.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
connect.facebook.net
cup.yalla-shoot.video
d.turn.com
data-beacons.s-onetag.com
dmp.truoptik.com
dpm.demdex.net
draft.blogger.com
e.dtscout.com
en.weakstreams.live
fonts.googleapis.com
fonts.gstatic.com
g8400m3ybg8x3x.trustexploration.com
gamerarcades.com
get.s-onetag.com
global.ib-ibi.com
googleads.g.doubleclick.net
href.li
i.liadm.com
i.mycdn.me
i6.liadm.com
ib.mookie1.com
idsync.rlcdn.com
image6.pubmatic.com
images.boosty.to
inklinkor.com
ipapi.co
ljii.github.io
loada.exelator.com
loadus.exelator.com
match.adsrvr.org
ml314.com
onetag-geo.s-onetag.com
online.alkoora.live
p.typekit.net
pagead2.googlesyndication.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
pro.fontawesome.com
ps.eyeota.net
px.ads.linkedin.com
q6wfjsqg9yt6w93r.cdnexpress11.net
rs.mail.ru
s.amazon-adsystem.com
s10.histats.com
s4.histats.com
secure.adnxs.com
sportsembed.su
ssl.google-analytics.com
st6-21.vk.com
stad.yalla-shoot.io
stags.bluekai.com
static.cloudflareinsights.com
static.vkplay.live
swarm.video
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
techclips.net
top-fwz1.mail.ru
um.simpli.fi
ups.analytics.yahoo.com
use.typekit.net
vk.com
vkplay.live
vyazd.com
weakstream.org
whos.amung.us
widgets.amung.us
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
youradexchange.com
cup.yalla-shoot.video
online.alkoora.live
104.106.226.133
104.127.185.52
104.16.111.154
104.21.26.234
108.138.128.124
13.224.214.57
13.225.223.33
13.58.43.146
13.58.67.229
139.45.197.234
141.94.171.213
142.250.81.226
149.56.240.129
151.101.66.49
173.223.57.84
18.161.21.123
18.238.4.10
18.238.4.33
185.167.164.49
192.0.78.26
195.211.21.6
207.198.113.89
209.54.182.161
216.200.232.249
217.20.147.23
217.20.156.158
23.92.190.74
2600:1400:9000::687e:74b2
2600:141b:9000::1725:7b92
2600:1f18:ed:550f:baf3:573d:4b62:a404
2606:4700:10::6816:4bab
2606:4700:10::6816:fc7
2606:4700:1::6813:884e
2606:4700:20::681a:82c
2606:4700:20::ac43:46c6
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700:3031::ac43:8980
2606:4700:3032::ac43:bb52
2606:4700:3034::6815:1155
2606:4700:3035::6815:2e3f
2606:4700:3035::ac43:c5a6
2606:4700:3037::6815:5b3f
2606:4700:3037::ac43:dd0a
2606:4700:3038::6815:e9e4
2606:4700:3038::6815:ea86
2606:4700::6810:3965
2606:4700::6810:a465
2606:4700::6811:190e
2606:4700::6812:1634
2606:4700:e0::ac40:6d19
2606:4700:e6::ac40:ca26
2606:50c0:8002::153
2607:f8b0:4006:80f::2009
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::2013
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::2002
2620:112:f002:bbbb::23
2620:1ec:21::14
2a00:1148:db00::17
2a03:2880:f07e:9:face:b00c:0:3
2a04:4e42::485
3.234.8.37
3.33.220.150
34.111.113.62
34.111.234.236
34.238.58.80
35.169.226.14
35.190.60.146
35.236.220.17
40.71.11.141
45.154.206.33
46.105.201.240
50.16.197.56
52.20.134.127
52.22.162.46
52.45.33.138
54.166.121.69
63.251.86.51
68.67.160.75
69.169.85.6
69.169.85.7
76.13.32.147
8.28.7.81
87.240.132.78
95.142.206.1
95.163.217.74
95.163.217.75
95.163.52.67
006997f356b52ffa14cdb06e3ac87bf120065d5d746bc718c31e3ded5280c3e7
00b2db15970f5bc8a9746591970036bf390cb5d3ddeef0baf1a8eb4b45625d6f
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
047067042f122d0868ea460e409d317a5501baf6bbe3c9164a750f2d1332b7ff
063502916b59ec9930c1868c76e323f2603c706af3a2397fba37c28d62b39ed7
07ccb06534df4e968f10088a73b9ed6483be3bfc4d9bd4cb4643fc01ea2b2423
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9
094a847f11e4454077462c169fff8629e0287e9b8155524f00d7fbaac460c226
09ffd2c2092496e2bec14f6a18c73922386e853ac63185d0d608f77232b8f776
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f14789a0ec4877cbd4b3839c9b59145e41c2a09c3ed42c9e2e6608154c3e606
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
11c5c03e935fbb5342d3609e29dfd221d293ee139bb6bc946b10c122d9b5d729
120dafaaabd5a22fa79d411e494811ee1163ecf6eee763cee17ee0f7308f9352
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
199d38f1f1253d6946e4057e76eb0e71fe8353858ce452b0035ec4444ea5cd93
1b49036650d897e47295219f73f922db17e3dfeb49ae07f0cee19d9aac5bd91a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f3209e555b450773b9da8283feb43e5c4d115708f2d582c05705731ff3fb5ab
1f95672fcda24f2641a098edd91a930d8676b93aaec843b642601b61d0365573
203788e58c2c9695c2f8400714ff25fbd8a730720323bb037b91330835e7780f
20e0cbdb64323024f165fe69818fe82c711d8ce44ce4d433419a8e076612a544
20ed81dce61ec051d4163c3e7f6ddb7ccd3068015eb9aaf0b0482fac5a014fb9
22fc25b48b7da194d57520d943836857f6584e3aa99a99fb6a47167fe8e41685
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277d9360d91644e6a03244ed73000a5331f1daba5999acd57b787e7481f6073c
27b53a8b9b99f95f9030a9cf78576d6f48a4f9b06f3a708daf6af4cf40de289f
28d5957f0c916e10fabdac948470f4f80db1f71c65bd78eecef21876a5f065db
299eec3d50a0956c8c2b7821c14b97aab5b4dbf62c3da3894b5a5b0b80a4b60b
2aaecce6b1f5e8601c52c6e64655cc94ee8d094c8c11c235818c5fc8e7c589ab
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e2464a84508d5cfadee94354c2b922fa653b3c2ef8432b2d40eb3b3b0e7e451
2f27f763a6ce6799cf4d6d25a816040115ea8505f18e465c3769d30c2d895d18
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
303e9d20bd7aca89b2eb2e623e4f6803eb50f3e23a5fdc9deee9e7356ae28011
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
33daa963a04f58768b91c0a6015cbf454a8916ab82c9c5911ad40a62257772bf
399014768216219ec7f36080c20a1148be863d4368096122a29fbc941b34b98f
39b2638b20c43a136b8b1d31c7830c6fce9c3e7eabd9598f32e4e031bf35660f
3c15c82c2812855ffd2da618e8861273850a020c88e1b43e5de1ad95f1a76e49
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7f52d37fcb7d923282936d5e10003bd04747fb056110f61890f389a2394616
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
44b8fb6c30974456ab768748246591a483af46679c00c6e154cfe5f5a99e2839
47a028c8b0423baa47585c9adde67229c7228395b7c28611216e15c320d17f73
4a2e051d848a7b11b73293f3b80623342d94a58f0acc8c0c6edd957c6e248b12
4c67127a469f309f1797390b95f7c0aa9626151d34d410d082e2391a55715e90
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
54904377d3525fc6e56818981cd551ba316b59b6bada30e757aa149528db5934
563bd9946cb40dd7e4eaa2647c5a06a7f8f298be754b945b3c4d3207f36de1b2
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5efafd26d85f9d6c3340aa7b81aff0a4d9fe27d8f9ec9885565afb9fa2097d91
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda
67ab7ccf57d60ae22497beb080f00d7e97df805b76735d5ca29870f5b1e8ec7a
68b2f98c02576467b90635ffc738de20017b888617285910ee6a006c7d816b58
69d06960f2fbed40f78e7ea985acd285419ae6333fa35c0f85e11b66f6d6c3cb
6ca527d817d285c7c10ae207f4401004c6dc84e01c98e8e71d04e2d9539436da
6db8fba78b19521c3fd8d743d4a596beaa5deaa8d41df7b5a5a6ca7b14d27b59
7149b16d81001df53a4ff28f7abf16bcc01bd3fa2794a410223a5dfe749d804f
72d2af0cf34303f0cd23e85682214cf5bcd3a73014a8540c5b6f3c4abf18e3b2
74f1c3f3f6afb4591e0985e5ceb013c37e11a3d20b268d22259df5ea85ff182b
75fd7e2ef0f1cd8749bb014c3d7ca9ab9b93e0d510c734564fa22da7a48387f4
767c1fc96d635ac28c8728d6d8ef09f6be1fb010bd31a1888af9d3a3049cfa8f
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720
786d798c3a80c991cfaa928a6773c51595d3cabba04c5cf0270d6f8e0784a4b3
7ab859619b02eff70d6d36ef3ecb47a7cd86c01506b3886955c81d10d3f0c8b7
7abd52d47abd6dbecc84de11e55f981c2cb49cd7a94fe70158618c12c61f8623
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d
7da9230028aea9e9a3f7719af7895e2a856bace59e912b48bc724095bd30a760
7e770339b44aff50751d1a94a306fca7c5e4107c4ba2f207ceab57940b110db9
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
7f057f960b9c5cdfba9c3bf63981c8aa8eeff55dec2cfb56774c640f32115dc3
7feb08bafb725fa2cfd32693c8b4c7c4fee2a0f6c498ced6cae00cd3a7c5cb91
81263a351ddb110a4937fc128a270f1b4330e7b5f6cf6b24ff497864c85fc1e5
821f4c5c421edad5446d12071c952054aeed61f269c1682d6636af19ffc99a1b
82a4fdcb963dc43dd7fe6084fc6b3421f0cca28587e83eca8f670417f777c48f
830dbab9e7059b9f94fb970c403e219f8911a32dc3c53a25c84ec2530c180bb6
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
85d1656abd5d1a228b3d9f0f660d4c4a595f5185ea16d458ace88373b6911a78
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
86d336ac893af5aecb101d217049a56bba2c2709668cc53b98bd98e67b99c0e7
8701646c453c7104bd236024967ab23a2e37ad7e7009c19914eb1b3cf495bf7f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87b68539cb4fefd166e6e2de2c570ba22d0ff9186ca28504d76f3dc7fa9c9a2c
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
895ec112d93d396e97cab5372c8afa2092a7cdc2f9de4730dcd89a5d0d2ef42a
8a17ac2824cdd29256511466ac5e5b1e6e69459a93f4b76ec7c8532faff2c4cf
8a3250a9464a6cf40694cf6210309cc8757cb1cd1f2b020d127912f5216a111b
8b5cf25bb367875da02a558787dc8c02890f36fb6501005b2cf82d2209df6cb7
90dcd0582fff6b29abe323d7063b7b78d96a12b1c546a82fa0e25d4d6a88f0fe
90f3820c9ccaec95dd15b215712e7c7390c8d18e2bdfa00045e553bcfb5c472b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91aa0f92553b3ef61a86d320456d2bf062ea716b2292277eb586713bab59dd95
9254bf653fd6c9d0fcffc641621a4bbc307fd2e9c76244c99475a553f50218bb
9327df2b59dd68a06076042b43d1b90a339e660ca417923affbfcc7983c3f5ef
94c8b5f66306cfb8de675d7dcc50acab77b3bea9e579ef97cc80f3fe9573a532
963c84221b1e8f0fb3126cb9c9b44e9479a617dcbb558dedfc90a397ffb9ab34
96ef84e1ead81ff19bfdc4e7d289a6f173cb2a39cdf220a60e80bd5a7d90669f
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9a4669e8b8a23cbf82b273d4a2b0fb4060aeb0753f5be7592d7fe2663163d0f1
9af7d91caf2e958833c3c1c025ecd44d6d8bb0c43bea46679696a38e40bb9e80
9b9ffafee7dc14114cbd1002c085a5696192601101afb79ff85a14035ef2a7bd
9c14f85851d2d6ddff7f3ae2ef6fe16ec8af9c98aafb8c53bdcda078fa26c8af
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a7bd4a242ed55871bc369f30f2caa24b40ae6cbfebb6d878cd447fd07cb302de
a8039008b0fc4228fe06a0e5330f0eba03aca6392a1e5a6c19827a0fd2e60e34
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaec2305eefd571037b150cba763d4fdba48f48d7797c7fb5843c6843b5b92ff
ab46be9ba674669216946ece68fbc7dad9b28a26a8158781564845f74d2835d4
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
aee88106629879e8cdeb03ae3a46eeb2ab3ed13d457cab18145c51ce231437b8
af3080c860328d1c1ee246a6320fd0fb505bbe46ba2c961cc52fb406920b2139
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17cced49a457c9249178205866d08944bda661f5aefa7d395733923ad5dc057
b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5
b3ae08509d0f9d1142838a568c7d7a536f703c30049dd5f58e849b844e094286
b4158f995b3fbc4314e18bc395e0faa38d2390c1bd0ed08efe086c73656b5178
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
be55ef3f4c4e6c2d9c2afe2a33ac90ad0f50d4de7f9163999877e2a9ca5a54f8
bf1992b3811eed8ad51ab65dda00dce84ab79045cf8ebdd01f8cf0e9c92a1800
c0165c942db5d1d6bebdd4c050db13d84846ab84eb032d33761f486151bd5cab
c17a81619e8e4f29e545389f3fd60a54c6deef2cdb398c0f9e40fee334f762a4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4cc9e234041581b8084674226b31c0f46a4633ced6b9543d79c4e0325a79a07
c4dfefb3d3e98a5dff08c38f94d1dad9fab79fc0cbe17deee35a7789f5595673
c4f481e890cb7357460821eafbc7678fe6900c001c97a6520091c6c44bd2a328
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c7265ec09cf069d65d63ebe9dbc6e8fe4d86fd71b1c19ff26625925e7062c3a4
c8fbf24d29c8463e47a11b352f55ca4c917db86640874e10d7df65b0b70d5492
c9d40d0270579b68aecda27b3ce8a4f780f23965dd394a45b34cb43f79e4f8ff
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
cc9eeb32a6a836ca821fa3d3364fac58bf8f84de9dd6496c307b1e60023d48b5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce4bfb3c50cafc452e29455c2f795d86c12831475888bd1d556d88d97a56b435
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1eb687850822a43af366844f10b819a24f47d42f099f61660ef6890863af475
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d2ce5e0b2e0703f4059ee6180a522092272fe07d2f1585079b6e097e1d87eddf
d4598a00ca8ef68f32b2cc69074851808aa6bbf8f5b7920d20aa14eb2828aa15
d50aebcf328b08623f7637c16273921eb114c14cceecffae3e5535f1b65ffa24
d773234a98958ef87b81fdc8691cee0a736ea3f386cbc1ac9616147983a87ecf
d7cf004e1c820b44d107da6603294749e7607ac337fbb00ee74618b6244580f5
d8aa1c2324114122531f2db78176a28a2581f9ffa7ceae28c90217f5184af2ac
d8c5bac3437c1cd775e242468c37c69a7f417b6d4bdb2f4c0514925d586aebff
d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df39dd4031693ae7f32f1e4d67d59433cef4e43fcfac0a2fd9a22aa9e1eb8eaa
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e130342d547b9e5577207c6c999be799e774684e51c079d2a8bfb88c2a6440d6
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fcda652b8109742f424e0f8aec0b077b175f2ac5af6646570216ca8fff44a9
e7912e57f39d52b1daa9958e9dcf0ef2612c50a3340d6c67adb916d2ffc655b4
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ececa9e61bb3fdcc596ffc85f78c55677d9da377643c615dd7d717e61a835334
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f000ab2daaac8b34ee1968e1a9be24d6f5deb780c9597620e6ac8b1962456a90
f179d8d7a39288eead96a610d2b2afea6b0088ee190fbfe5451c950fafabcfbf
f38f0a8f221ad2113f371a8e591209af276f1dff0c6c53bc34e1aa068b6e8514
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f4734d0e6eb38b523c1014fc9112f16521d86dc539bea7e55ab73cf908dda646
f6a5c4a2b64918ed6d1e866896635ef6b166c94623e41249352a52e3e51b6bfc
f7be11912a6cfc59519445609d076fb92503789ae4fd297d2fb0b054daca229c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82cfb4317fe3bca9e928d67098ca1b632b7f22d0f92c9a4a95df8ef29180133
faaef63028a05e198e646a54440e6700eda7c37229fd910f4c041fffcf6b6b84
fba7b5fcce2ce08e96a9b7eaf914088c9061cd8e7a5b63c5898b2f7baf44424a
fbe5d8ca93536380431634c01c2ad5cd14eaa86b4bd8dd2905b380c72f043604
ff1a155bdc61dd10d5dc44cd437b43cc3c14cf151b0c2b6d89983c9f592bbe06
ff47ba810a35d3af552e8d81c2875fe23364723671ecf13b38f28a4c34dff3ea